Table of Contents
The control plane policing (CoPP) feature increases security on the switch by protecting the CPU from unnecessary or DoS traffic and giving priority to the important control plane and management traffic.
"COPP_GROUP": {
"default": {
"queue": "0",
"meter_type":"packets",
"mode":"sr_tcm",
"cir":"600",
"cbs":"600",
"red_action":"drop"
},
"queue4_group1": {
"trap_action":"trap",
"trap_priority":"4",
"queue": "4",
"meter_type":"packets",
"mode":"sr_tcm",
"cir":"6000",
"cbs":"6000",
"red_action":"drop"
},
"queue4_group2": {
"trap_action":"copy",
"trap_priority":"4",
"queue": "4",
"meter_type":"packets",
"mode":"sr_tcm",
"cir":"600",
"cbs":"600",
"red_action":"drop"
},
...
2. “COPP_TRAP” manages traps for different types of traffic.
"COPP_TRAP": {
"bgp": {
"trap_ids": "bgp,bgpv6",
"trap_group": "queue4_group1"
},
"lacp": {
"trap_ids": "lacp",
"trap_group": "queue4_group1",
"always_enabled": "true"
},
"arp": {
"trap_ids": "arp_req,arp_resp,neigh_discovery",
"trap_group": "queue4_group2",
"always_enabled": "true"
},
"lldp": {
"trap_ids": "lldp",
"trap_group": "queue4_group3"
},
"dhcp_relay": {
"trap_ids": "dhcp,dhcpv6",
"trap_group": "queue4_group3"
},
"udld": {
"trap_ids": "udld",
"trap_group": "queue4_group3",
"always_enabled": "true"
},
"ip2me": {
"trap_ids": "ip2me",
"trap_group": "queue1_group1",
"always_enabled": "true"
},
"macsec": {
"trap_ids": "eapol",
"trap_group": "queue4_group1"
},
"nat": {
"trap_ids": "src_nat_miss,dest_nat_miss",
"trap_group": "queue1_group2"
},
"sflow": {
"trap_group": "queue2_group1",
"trap_ids": "sample_packet"
}
}
To check and change the sampling rate for ARP packets, we need to check the corresponding COPP_TRAP section:
"arp": {
"trap_ids": "arp_req,arp_resp,neigh_discovery",
"trap_group": "queue4_group2",
"always_enabled": "true"
},
These traps belong to the queue4_group2 group, and in the COPP_GROUP section we can see:
"queue4_group2": {
"trap_action":"copy",
"trap_priority":"4",
"queue": "4",
"meter_type":"packets",
"mode":"sr_tcm",
"cir":"600",
"cbs":"600",
"red_action":"drop"
},
We have a limit of 600 packets per second, and all packets above this value will get dropped.
User is expected to resolve any conflicts, say for a trap id or group, that arises due to values configured by the user.
Taoyuan city, Taiwan, 24th of June 2024. Netberg announced the new Aurora 721 100G and Aurora 421 10G switches, which feature programmable pipelines powered by Broadcom StrataXGS® Trident3 Ethernet switch chips.
Taoyuan city, Taiwan, January 24th, 2024. Netberg announced the release of two new models powered by the Broadcom StrataXGS® Trident3 series , the Netberg Aurora 221 1G switch and Aurora 621 25G switch.
Effective January 12, 2024: The following products are now End of Life (EOL) - Aurora 720 and Aurora 620.
Taoyuan city, Taiwan, December 20th, 2023. Netberg updates its Netberg SONiC distribution to release 2022.11 on Aurora 610, Aurora 710, and Aurora 750 P4-Programmable Intel Tofino IFP systems.
Taipei, Taiwan, 14th of November 2022. Netberg announced the new Aurora 810 400G model programmable switch with Intel Tofino 2 Intelligent Fabric Processors (IFPs) at its heart. The new platform has 32x 400G QSFP-DD Ethernet ports and a 12.8Tbps switching capacity.
Taipei, Taiwan, 24th of October 2022. Netberg participates in the new round of the Fast Forward Initiative by Intel (FFI'22). The program supports academic and research organizations today, aiming at accelerating tomorrow's best network programmability research.