Why are the Software CoPP counters greater than Hardware CoPP counters?
A. Software Control Plane Policing (CoPP) counters are the sum of packets traversing hardware CoPP and hardware rate limiting. Packets are first handled by hardware rate limiters, and if they do not match, then hardware CoPP comes to picture. If the hardware rate limiter allows the packets, this packet goes to software where it is processed by software CoPP. Due to this software, CoPP can be greater than hardware CoPP counters. Also there are some restrictions where CoPP is not supported in hardware. Some of them are: • CoPP is not supported in hardware for multicast packets. The combination of ACLs, multicast CPU rate limiters, and CoPP software protection provides protection against multicast DoS attacks. • CoPP is not supported in hardware for broadcast packets. The combination of ACLs, traffic storm control, and CoPP software protection provides protection against broadcast DoS attacks. • Classes that match multicast are not applied in hardware but are applied in software. • CoPP i
