
300-410 Question #83: Real Exam Question with Answer & Explanation

Infrastructure Security

Question

Refer to the exhibit. BGP is flapping after the CoPP policy is applied. What are the two solutions to fix the issue? (Choose two)

Explanation

BGP sessions require uninterrupted TCP (port 179) keepalive exchange; a CoPP policy that rate-limits or drops control-plane BGP packets will starve the BGP process, causing hold-timer expiry and session flapping.

Approach. Two valid fixes exist: (1) Create or modify a dedicated CoPP class-map that explicitly matches BGP traffic (TCP port 179, sourced from known BGP neighbor IPs) and assigns it a 'transmit' or sufficiently high 'police conform-rate' action so keepalives and UPDATE messages are never dropped. (2) Increase the police rate (conform-rate / burst) in the existing CoPP BGP class if a class already exists but its rate is too restrictive - BGP is sensitive to even brief packet loss because a missed keepalive counts against the hold-timer (default 180 s). Both solutions ensure the control plane receives BGP packets without throttling, eliminating the root cause of the flap.
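The dedicated BGP class described above, shown as a before/after IOS configuration sketch. This is an added example, not the exhibit from the question: the neighbor address 192.0.2.1, the names COPP-ACL-BGP, COPP-CLASS-BGP and COPP-POLICY, and all police rates are constructed placeholders.

```cisco
! Constructed example. 192.0.2.1 is a placeholder BGP neighbor; names and
! rates are illustrative and must be sized against observed traffic.
!
! Before: no BGP class, so TCP/179 to the CPU lands in class-default and
! competes with everything else under a tight policer.
policy-map COPP-POLICY
 class class-default
  police 8000 1500 conform-action transmit exceed-action drop
!
! After: match BGP only from the known neighbor. Two entries are needed
! because either side may have opened the TCP session.
ip access-list extended COPP-ACL-BGP
 remark neighbor opened the session to our port 179
 permit tcp host 192.0.2.1 any eq bgp
 remark we opened the session to the neighbor's port 179
 permit tcp host 192.0.2.1 eq bgp any
!
class-map match-all COPP-CLASS-BGP
 match access-group name COPP-ACL-BGP
!
! class-default always stays last, so the new class is evaluated first.
policy-map COPP-POLICY
 class COPP-CLASS-BGP
  ! Fix 1: never drop classified BGP. For fix 2, keep exceed-action drop
  ! and raise the rate/burst above the peak BGP load instead.
  police 256000 8000 conform-action transmit exceed-action transmit
 class class-default
  police 8000 1500 conform-action transmit exceed-action drop
!
control-plane
 service-policy input COPP-POLICY
!
! Verify from exec mode:
!   show policy-map control-plane   (exceeded/drop counters per class)
!   show ip bgp summary             (Up/Down timer should stop resetting)
```

Restricting the ACL to configured neighbor addresses keeps the high-rate class from becoming a path for spoofed TCP/179 floods to reach the CPU.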

Concept tested. Control Plane Policing (CoPP) impact on BGP - understanding that CoPP polices traffic destined to the router CPU, that BGP relies on TCP port 179 keepalives to maintain sessions, and that an improperly tuned CoPP policy (missing BGP class, rate too low, or wrong action) will cause hold-timer expiry and session resets. The fix requires explicitly classifying and permitting/rate-limiting BGP traffic appropriately within the CoPP policy-map.

Reference. Cisco IOS CoPP Configuration Guide - 'Protecting the Control Plane'; RFC 4271 (BGP-4) Section 4.4 (KEEPALIVE); Cisco CCNP Enterprise / CCIE Enterprise Infrastructure - Control Plane Security domain

Topics

#BGP #Control Plane Policing (CoPP) #Routing Protocol Troubleshooting #Infrastructure Security
