[P4-dev] creating a counter on p4_16

hemant at mnkcg.com hemant at mnkcg.com
Sun Oct 1 16:56:27 EDT 2017

With a ping packet ingressed into a forwarding plane, unless the packet destination is destined  for_us (any IP address on the router/switch), the ping request in punted (diverted) to the control plane to generate a ping reply.  For the diverted packet, one would use COPP (Control Plane Policing) – I don’t think there is a P4 program in public domain for COPP.  Also, see https://tools.ietf.org/html/rfc6192.   If you want to rate-limit for_us packets in the forwarding plane, I don’t think a P4 rate limiter exists either.  Forwarding plane rate limiting is tricky, because you’d slow down performance for every packet to inspect if the packet if a ping packet and the packet is destined for_us.


In summary, stick to COPP in the control plane.  If you do, the problem is out of scope for the p4-dev mailer.  P4 is a language to program a forwarding plane. 





From: P4-dev [mailto:p4-dev-bounces at lists.p4.org] On Behalf Of Mostafa Abdallah. Ammar
Sent: Sunday, October 01, 2017 3:02 PM
To: p4-dev at lists.p4.org
Subject: [P4-dev] creating a counter on p4_16


​Dear All,


Kindly I want to detect large amount of traffic in small time and drop traffic generator using p4_16 . I want this feature to work in addition to normal ip forwarding.


for example I want to count ping packets if it reached a certain threshold it is considered an atttack and attacker should be blocked.

any guidance for this implementation.


Best Regards,

Eng. Mostafa Abdallah Ammar,Msc.
Head of Information Security Department
CCIE security #23971
Arab Academy For Science And Technology & maritime Transport
Computer Networks & Data Center (CNDC)
Mobile: 002 01001983674

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.p4.org/pipermail/p4-dev_lists.p4.org/attachments/20171001/83866e20/attachment-0002.html>

More information about the P4-dev mailing list