Information About Punt Policing and Monitoring
Overview of Punt Policing and Monitoring
Packets received on an interface are punted to the Router Processor (RP) for various reasons. Some examples of these various reasons include, unicast and multicast control plane traffic that are destined for a routing protocol process running on the RP, and IP packets that generate Internet Control Message Protocol (ICMP) exceptions such as a Time to live (TTL) expiration. The RP has a limited capacity to process the punted packets, and while some of them are critical for the router operation and should not be dropped, some can be dropped without impacting the router operation.
Punt policing frees the RP from having to process noncritical traffic. Traffic is placed in queues based on various criteria, and you can configure the maximum punt rate for each queue which allows you to configure the system so that packets are less likely to be dropped from queues that contain critical traffic.
Note |
Traffic on certain CPU queues could still be dropped, regardless of the configured punt rate, based on other criteria such as the queue priority, queue size, and traffic punt rate. |
Per-Interface Per-Cause Punt Policer
Per-interface per-cause (PIPC) punt policing is an enhancement to the Punt Policing and Monitoring feature that allows you to control and limit traffic per interface. From Cisco IOS XE Release 17.5.1, you can set the PIPC rate for all the control plane-punted traffic. When you set the PIPC rate, any traffic beyond the set limit is dropped, thereby enabling you to control the traffic during conditions such as L2 storming.
The PIPC punt policer configuration is supported for the following interfaces:
-
Main interface
-
Subinterface
-
Port channel
-
Port channel subinterface
-
Tunnels
-
PPPoE interface