A network engineer is configuring CoPP on a Cisco Nexus 9000 switch to protect the control plane from a potential DoS attack. The engineer creates a class-map that matches traffic with a specific DSCP value (AF41) and applies a police rate of 10 Mbps. After applying the policy, the engineer notices that legitimate traffic with DSCP AF41 is being dropped even though the traffic rate is only 5 Mbps. What is the most likely cause?
Correct because if the conform-action is set to drop, all traffic in that class is dropped, even if it is within the police rate.
Why this answer
The correct answer is that the CoPP policy is using a conform-action of drop, which drops all traffic that matches the class, regardless of rate. Option B is incorrect because the police rate is not exceeded. Option C is incorrect because DSCP AF41 is a valid value.
Option D is incorrect because CoPP does not require a specific queue; it uses policing.