Cisco Cisco IOS Software Release 12.4(6)T
Corporate Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
© 2006 Cisco Systems, Inc. All rights reserved.
Management Plane Protection
First Published: February 27, 2006
Last Updated: February 27, 2006
Last Updated: February 27, 2006
The Management Plane Protection (MPP) feature in Cisco IOS software provides the capability to
restrict the interfaces on which network management packets are allowed to enter a device. The MPP
feature allows a network operator to designate one or more router interfaces as management interfaces.
Device management traffic is permitted to enter a device only through these management interfaces.
After MPP is enabled, no interfaces except designated management interfaces will accept network
management traffic destined to the device.
restrict the interfaces on which network management packets are allowed to enter a device. The MPP
feature allows a network operator to designate one or more router interfaces as management interfaces.
Device management traffic is permitted to enter a device only through these management interfaces.
After MPP is enabled, no interfaces except designated management interfaces will accept network
management traffic destined to the device.
Restricting management packets to designated interfaces provides greater control over management of
a device, providing more security for that device. Other benefits include improved performance for data
packets on nonmanagement interfaces, support for network scalability, need for fewer access control
lists (ACLs) to restrict access to a device, and management packet floods on switching and routing
interfaces are prevented from reaching the CPU.
a device, providing more security for that device. Other benefits include improved performance for data
packets on nonmanagement interfaces, support for network scalability, need for fewer access control
lists (ACLs) to restrict access to a device, and management packet floods on switching and routing
interfaces are prevented from reaching the CPU.
Finding Feature Information in This Module
Your Cisco IOS software release may not support all of the features documented in this module. To reach
links to specific feature documentation in this module and to see a list of the releases in which each feature is
supported, use the
links to specific feature documentation in this module and to see a list of the releases in which each feature is
supported, use the
Finding Support Information for Platforms and Cisco IOS Software Images
Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image
support. Access Cisco Feature Navigator at
support. Access Cisco Feature Navigator at
. You must have an account on
Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at
the login dialog box and follow the instructions that appear.
the login dialog box and follow the instructions that appear.
Contents
•
•
•