We've just moved our core from an HP 8212zl to an Aruba CX 6405. Almost immediately, we've been having issues with out NAC (FortiNAC) polling our Aruba 8 wireless cluster and 337 APs. According to FortiNAC, it loses contact with both controllers and most APs at random times throughout the day. The controllers and APs are not going down, FortiNACs polls (SNMP and ping) are sporadically failing.
After way too much time, this led me to think that these new copp policies may be causing the issue. If we look at the copp policy stats, there are a few lines of note:
WS-Core01# show copp-policy stat
Statistics for CoPP policy 'default':
Totals:
packets passed : 5050627 packets dropped : 39534
Class: icmp-unicast-ipv4
packets passed : 103783 packets dropped : 161
Class: ip-exceptions
packets passed : 415463 packets dropped : 32799
Class: unresolved-ip-unicast
packets passed : 773216 packets dropped : 6574
We did not have a control plane policy enabled on our 8212zl. It's enabled by default on the CX line and can't be turned off, only modified. Is there a way to whitelist my FortiNAC/controllers/APs or simply the VLAN traffic from being monitored with packets being dropped?