Classes of traffic
The different classes of traffic that can be individually configured are:
acl-logging
: Access Control List logging packets.arp-broadcast
: Address Resolution Protocol packets with a broadcast destination MAC address.arp-unicast
: Address Resolution Protocol packets with a switch system destination MAC address.bfd
: Bidirectional Forwarding Detection (BFD) packets with a destination IP address owned by the switch.bgp-ipv4
: Border Gateway Protocol packets with a destination IPv4 address owned by the switch.bgp-ipv6
: Border Gateway Protocol packets with a destination IPv6 address owned by the switch.dhcp-ipv4
: Dynamic Host Configuration Protocol packets with a destination IPv4 address.dhcp-ipv6
: Dynamic Host Configuration Protocol packets with a destination IPv6 address.erps
: Ethernet Ring Protection Switching control packets with the destination MAC address 01:19:a7:00:00:XX, where XX can be any value.hypertext
: Hypertext Transfer Protocol (HTTP) or Hypertext Transfer Protocol Secure (HTTPS) packets.icmp-broadcast-ipv4
: Internet Control Message Protocol packets with a broadcast or multicast destination IPv4 address.icmp-multicast-ipv6
: Internet Control Message Protocol packets with a well-known multicast destination IPv6 address.icmp-unicast-ipv4
: Internet Control Message Protocol packets with a destination IPv4 address owned by the switch.icmp-unicast-ipv6
: Internet Control Message Protocol packets with a destination IPv6 address owned by the switch.igmp
: Internet Group Management Protocol packets.ip-exceptions
: Routable packets that would exceed the MTU for the egress interface, packets that trigger ICMP redirects, and packets with TTL/hop_limit=1 that are discarded when routing through the switch.ipsec
: Internet Protocol Security IPv4 or IPv6, unicast or configured multicast. All IPsec traffic received by the CPU will be regulated by theipsec
class regardless of the encapsulated protocol.ipv4-options
: Unicast IPv4 packets including option headers.ipv6-options
: Unicast IPv6 packets including option headers.lacp
: Link Aggregation Control Protocol packets with the destination MAC address 01:80:c2:00:00:02.lldp
: Link Layer Discovery Protocol packets with the destination MAC address 01:80:c2:00:00:0e.loop-protect
: Loop Protection packets with the destination MAC address 09:00:09:09:13:a6.mirror-to-cpu
: Packets from mirroring session configured to deliver to the console.mld
: Multicast Listener Discovery packets of type V1 or V2 with an IPv6 address of FF00::/8, FF02::16 or FF02::2.mvrp
: Multiple VLAN Registration Protocol packets with the destination MAC address 01:80:c2:00:00:20 or 01:80:c2:00:00:21.ntp
: Network Time Protocol packets with a destination IP address owned by the switch.ospf-multicast-ipv4
: Open Shortest Path First packets with the multicast destination IPv4 address 224.0.0.5 or 224.0.0.6. The 8325 switch has VxLAN packets with VNI 0.ospf-multicast-ipv6
: Open Shortest Path First packets with the multicast destination IPv6 address FF02::5 or FF02::6.ospf-unicast-ipv4
: Open Shortest Path First packets with a destination IPv4 address owned by the switch.ospf-unicast-ipv6
: Open Shortest Path First packets with a destination IPv6 address owned by the switch.pim
: Protocol Independent Multicast packets with the destination IPv4 address 224.0.0.13 or IPv6 address FF02::D, or with a destination IP address owned by the switch.sflow
: Packet headers sampled by the switch that will be sent to the sFlow collector.ssh
: Secure Shell (SSH) or Secure File Transfer Protocol (SFTP) packets. Dropping ssh packets will result in the connection to the CLI being lost.stp
: Spanning Tree Protocol (STP) packets with the destination MAC address 01:80:c2:00:00:00 or Per-VLAN Spanning Tree (PVST) packets with the destination MAC address 01:00:0c:cc:cc:cd.telnet
: Secure Telnet packets.udld
: Unidirectional Link Detection packets with the destination MAC address 01:00:0c:cc:cc:cc or 00:e0:52:00:00:00, or Cisco Discovery Protocol packets with the destination MAC address 01:00:0c:cc:cc:cc.unknown-multicast
: Packets with an unknown multicast destination IP address.unresolved-ip-unicast
: Packets to be software forwarded by the management processor.vrrp-ipv4
: Virtual Router Redundancy Protocol packets with the destination IPv4 address 224.0.0.18 or VSX-Keepalive.vrrp-ipv6
: Virtual Router Redundancy Protocol packets with the destination IPv6 address FF02::12.
default
that can also be configured to regulate other traffic to the CPU or prevent other traffic from being delivered.
All IPsec traffic received by the CPU will be regulated by the
ipsec
class regardless of the encapsulated protocol.