Hi On Friday, June 4, 2021, Saku Ytti <[email protected]> wrote: > Sorry, not really. LPTS is quite a blockbox and there is not much you > can do to improve if you have actual control-plane issues after LPTS.
Thanks for comments. This is very valuable info. What are your thoughts about: flow udp default rate 0 flow tcp default rate 0 Are they safe to use? Cisco did not recommend them but I dont understand why. And they failed to explain. Maybe because they dont understand themselves either ;) According to my tests without those configs e.g. unauthorized [1] ssh is probably punted because router replies with tcp rst (actually multiple rst packets). After tcp default 0 router does not send response which is better [1] control-plane management-plane ... allow ssh peer _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
