CoPP uses the Modular Quality of Service Command-Line Interface (MQC). MQC is a CLI structure that allows you to define a traffic class, create a traffic policy (policy map), and attach the traffic policy to an interface. The traffic policy contains the CoPP feature that will be applied to the traffic class. Steps to configure CoPP are as follows:
Step 1. Define a traffic class using the class-map command. A traffic class is used to classify traffic. Example 18-24 shows how to create a new class-map called copp-sample-class.
Example 18-24 NX-OS CoPP Class Map Configuration
Switch(config)# class-map type control-plane copp-sample-class
Step 2. Create a traffic policy using the policy-map command. A traffic policy (policy map) contains a traffic class and one or more CoPP features that will be applied to the traffic class. The CoPP features in the traffic policy determine how to treat the classified traffic.
Step 3. Attach the traffic policy (policy map) to the control plane using the control-plane and service-policy commands. Example 18-25 shows how to attach the policy map to the control plane.
Example 18-25 NX-OS CoPP Service Policy Configuration
Switch(config)# control-plane
Switch(config-cp)# service-policy input copp-system-policy
Note
The copp-system-policy is always configured and applied. You do not need to use this command explicitly.
Note
A Cisco NX-OS device supports only hardware-based CoPP that does not support the management interface (mgmt0). The out-of-band mgmt0 interface connects directly to the CPU and does not pass through the in-band traffic hardware where CoPP is implemented. On the mgmt0 interface, ACLs can be configured to give or deny access to a particular type of traffic.