[nsp] 6500 Native IOS ACLs
Clinton Work
work@scripty.com
Wed, 13 Nov 2002 11:05:54 -0700
None of the ACLs have log statements. As suggested by David, some of the
interfaces are showing lots of route cache switching. Is there any
way to determine what percentage of the MSFC2 CPU interrupt time is spent
processing ACLs or routing packets?
The router is taking a full BGP feed with 120,000 routes and its possible
that the PFC2 resources could be exhausted and its punting some packet
procesing to the MSFC2. Is there are way to verify PFC2 overload?
router#show int stat
Interface Vlan1 is disabled
Vlan111
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 4867037 1415878403 4798955 2732640617
Route cache 3668823677 1074330783 117086380 4005823617
Distributed cache 0 0 457424479 1876946560
Total 3673690733 2490226633 579309828 25479049
Vlan112
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 4949929 1421352004 4821062 2724319068
Route cache 1699973459 754377857 1798272847 2095289959
Distributed cache 0 0 1297230468 3020192762
Total 1704923393 2175729969 3100324379 3544834581
GigabitEthernet1/1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 31994066 272721020 6215190 926542294
Route cache 448401771 1027366728 482785841 3035744832
Distributed cache 3980311035 3145911164 969352654 2306832280
Total 165739576 151031616 1458353685 1974152110
GigabitEthernet3/3
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 80926 21850020 0 0
Route cache 0 0 0 0
Distributed cache 4129090186 3297662366 0 0
Total 4129171112 3319512386 0 0
On Wed, Nov 13, 2002 at 05:48:27PM +0000, Marc Williams wrote:
> Worth checking if any of your acls are logging. That burns cpu bigtime.
>
> --
> marc
>
>
>
>
--
=========================================================================
Clinton Work clinton@scripty.com
Calgary, Alberta