Cisco 300-410-ENARSI Control Plane Policing: Preventing Routing Protocol Flapping

Question

When configuring Control Plane Policing on a router to protect it from malicious traffic, an engineer observes that the configured routing protocols start flapping on that device.

Which action in the Control Plane Policy prevents this problem in a production environment while achieving the security objective?

Answer

B.

Explanation

Control Plane Policing (CoPP) is a security feature that allows the router to protect itself from excessive or malicious traffic directed to its control plane. The control plane is responsible for handling the routing protocols, management traffic, and other network control functions. If the control plane is overwhelmed with traffic, it can lead to performance issues, instability, and even device failure.

In this scenario, the engineer observes that the configured routing protocols start flapping on the router after applying CoPP. Routing protocol flapping refers to the state where a route is learned and then lost repeatedly, which can cause network instability and traffic disruptions.

To prevent routing protocol flapping while achieving the security objective, the engineer needs to configure CoPP properly. The correct action to prevent routing protocol flapping is to apply the Control Plane Policy in the input direction and set the conform-action to transmit and exceed-action to drop.

Here is a detailed explanation of each option and why it is or is not the correct answer:

A. Set the conform-action and exceed-action to transmit initially to test the ACLs and transmit rates and apply the Control Plane Policy in the output direction.

This option suggests setting both conform-action and exceed-action to transmit initially to test the ACLs and transmit rates, and then applying the Control Plane Policy in the output direction. While this option allows testing the ACLs and transmit rates, it does not prevent routing protocol flapping, as applying the policy in the output direction can affect the data plane traffic leaving the router, not the control plane traffic.

B. Set the conform-action and exceed-action to transmit initially to test the ACLs and transmit rates and apply the Control Plane Policy in the input direction.

This option suggests setting both conform-action and exceed-action to transmit initially to test the ACLs and transmit rates, and then applying the Control Plane Policy in the input direction. This option is the correct answer because applying the Control Plane Policy in the input direction allows the router to filter the incoming control plane traffic and protect itself from excessive or malicious traffic. Setting the conform-action to transmit allows the allowed traffic to pass through, while setting the exceed-action to drop prevents the router from processing excessive or malicious traffic that could cause routing protocol flapping.

C. Set the conform-action to transmit and exceed-action to drop to test the ACLs and transmit rates and apply the Control Plane Policy in the input direction.

This option suggests setting the conform-action to transmit and exceed-action to drop to test the ACLs and transmit rates, and then applying the Control Plane Policy in the input direction. While setting the exceed-action to drop is the correct action to prevent routing protocol flapping, setting the conform-action to transmit means allowing all the control plane traffic to pass through, even if it is not necessary. This can lead to unnecessary processing and resource consumption.

D. Set the conform-action to transmit and exceed-action to drop to test the ACLs and transmit rates and apply the Control Plane Policy in the output direction.

This option suggests setting the conform-action to transmit and exceed-action to drop to test the ACLs and transmit rates, and then applying the Control Plane Policy in the output direction. Applying the Control Plane Policy in the output direction affects the data plane traffic leaving the router, not the control plane traffic. Therefore, this option does not prevent routing protocol flapping.
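The configuration below sketches option B on Cisco IOS: an added example, not part of the original question. The ACL, class-map and policy-map names, the police rates, and the choice of OSPF, EIGRP and BGP as the running protocols are all assumptions made for illustration.

```cisco
! Constructed example: names and rates are placeholders, not recommended values.
! Classify routing protocol traffic destined to the control plane.
ip access-list extended COPP-ROUTING-ACL
 permit ospf any any
 permit eigrp any any
 permit tcp any any eq bgp
 permit tcp any eq bgp any
!
class-map match-all COPP-ROUTING
 match access-group name COPP-ROUTING-ACL
!
! Test phase: both actions transmit, so nothing is dropped while the
! ACL matches and police rates are being validated. A wrong ACL entry
! or a rate set too low shows up as exceeded counters, not as lost
! hellos or keepalives and flapping adjacencies.
policy-map COPP-POLICY
 class COPP-ROUTING
  police 128000 conform-action transmit exceed-action transmit
 class class-default
  police 64000 conform-action transmit exceed-action transmit
!
! Apply in the input direction: traffic arriving at the control plane.
control-plane
 service-policy input COPP-POLICY
!
! After the counters show that legitimate routing traffic stays within
! its rate, the exceed-action of a class can be changed to drop.
```

Running `show policy-map control-plane` during the test phase displays the conformed and exceeded counters per class, which is how the ACLs and rates are checked before any class starts dropping.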