On platforms that do not support the drop keyword within the Policy Map, customers may consider utilizing a policy similar to the following as an alternative:
! -- ACL for CoPP Undesirable UDP class-map
! -- Ignore fragments to prevent them from being misclassified by the policy
access-list 199 deny ip any any fragments
! -- Classify traffic destined to UDP Port 18999 so that we can drop it prior to being processed
access-list 199 permit udp any any eq 18999
! -- CoPP Undesireable UDP class-map
class-map match-all undesireable-udp
match access-group 199
! -- Undesireable UDP Policy Map - Drop on Police Rate
policy-map drop-udp
class undesireable-udp
police rate 8000
conform-action drop
exceed-action drop
violate-action drop
! -- Apply Undesireable UDP policy Map
control-plane
service-policy input drop-udp
If the Adaptive QoS for DMVPN feature is later configured, the device must be upgraded to an unaffected release of Cisco IOS Software or Cisco IOS XE Software and the CoPP policy must be removed.
Detail information:
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvf73881