Chapter 14. Disabling Control Plane Protocols
When control plane policing (CoPP) is not implemented in hardware, it can be worth it to disable control plane protocols rather than rely on the software implementation of CoPP. However, this is drastic and not always applicable. This chapter explores ways to disable some control plane protocols to reduce the risk exposure of a switch.
Configuring Switches Without Control Plane Protocols
As shown in Chapter 12, “Introduction to Denial of Service Attacks,” a control plane in an Ethernet switch consists mainly of the following protocols:
• L2 processing. A switch must process and respond to Spanning Tree Protocol (STP), Link Aggregation Control Protocol (LACP), Port Aggression Protocol (PAgP), IEEE ...
Get LAN Switch Security: What Hackers Know About Your Switches now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.