[nsp] 6500 Native IOS ACLs

Rubens Kuhl Jr. rkjnsp@ieg.com.br
Wed, 13 Nov 2002 16:19:03 -0200 

Is RPF checking enabled on any interface ? This halves maximum FIB size to
112,000 routes... replacing RPF with inbound ACLs removes this limitation.
Even if it's not your current problem, it will haunt you very soon unless
you filter a lot of routes and default them.


Rubens Kuhl Jr.



----- Original Message -----
From: "Clinton Work" <work@scripty.com>
To: "Cisco-NSP" <cisco-nsp@puck.nether.net>
Sent: Wednesday, November 13, 2002 4:05 PM
Subject: Re: [nsp] 6500 Native IOS ACLs


| The router is taking a full BGP feed with 120,000 routes and its possible
| that the PFC2 resources could be exhausted and its punting some packet
| procesing to the MSFC2. Is there are way to verify PFC2 overload?
|
| router#show int stat
| Interface Vlan1 is disabled
|
| Vlan111
|           Switching path    Pkts In   Chars In   Pkts Out  Chars Out
|                Processor    4867037 1415878403    4798955 2732640617
|              Route cache 3668823677 1074330783  117086380 4005823617
|        Distributed cache          0          0  457424479 1876946560
|                    Total 3673690733 2490226633  579309828   25479049
|
| Vlan112
|           Switching path    Pkts In   Chars In   Pkts Out  Chars Out
|                Processor    4949929 1421352004    4821062 2724319068
|              Route cache 1699973459  754377857 1798272847 2095289959
|        Distributed cache          0          0 1297230468 3020192762
|                    Total 1704923393 2175729969 3100324379 3544834581
|
| GigabitEthernet1/1
|           Switching path    Pkts In   Chars In   Pkts Out  Chars Out
|                Processor   31994066  272721020    6215190  926542294
|              Route cache  448401771 1027366728  482785841 3035744832
|        Distributed cache 3980311035 3145911164  969352654 2306832280
|                    Total  165739576  151031616 1458353685 1974152110
|
| GigabitEthernet3/3
|           Switching path    Pkts In   Chars In   Pkts Out  Chars Out
|                Processor      80926   21850020          0          0
|              Route cache          0          0          0          0
|        Distributed cache 4129090186 3297662366          0          0
|                    Total 4129171112 3319512386          0          0
|
|
| On Wed, Nov 13, 2002 at 05:48:27PM +0000, Marc Williams wrote:
| > Worth checking if any of your acls are logging. That burns cpu bigtime.
| >
| > --
| > marc
| >
| >
| >
| >
|
| --
| =========================================================================
| Clinton Work                                        clinton@scripty.com
| Calgary, Alberta
| _______________________________________________
| cisco-nsp mailing list  real_name)s@puck.nether.net
| http://puck.nether.net/mailman/listinfo/cisco-nsp
| archive at http://puck.nether.net/pipermail/cisco-nsp/