[nsp] High CPU utilization from traffic with no destination i nterface?

rpcbind at speakeasy.net rpcbind at speakeasy.net
Thu Jun 26 12:49:46 EDT 2003 

Ejay made the point that I overlooked -- make sure that you have 'no ip 
unreach' on the ingress interface, otherwise you'll end up generating a pile 
of icmp (though IIRC, this is ratelimited).

> There is no null interface because there's nothing statically routed that 
> way for it...

There is, irregardless of whether you configured it, ie:

sw-core3>show ip cef 70.12.0.0
0.0.0.0/0, version 371298, epoch 0, attached
0 packets, 0 bytes
  via Null0, 0 dependencies
    valid null adjacency

> Yup, I am running CEF... 
>
> Show int switching shows that it's all being process switched.

This is inevitably the true root of your problem -- if CEF is enabled 
globally, and you don't have a 'no ip route-cache cef' on the interface, then 
'sho ip int' should reveal something nasty that's forcing process switching.

Which platform and what type of interfaces are you seeing this on? If
everything's being processed switched, then your baseline CPU is going to be
much higher than if should be.


> -----Original Message-----
> From: rpcbind at speakeasy.net [mailto:rpcbind at speakeasy.net] 
> Sent: Thursday, June 26, 2003 2:35 PM
> To: Temkin, David
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [nsp] High CPU utilization from traffic with no destination
> interface?
> 
> 
> 
> Are you running CEF? If so, then there's an implicit adjaceny to the null 
> interface, so it should be handled extremely inexpensively. What does a
> 'show 
> ip int' of the ingress interface show -- any chance there's some features 
> there that may have tickled things badly?
> 
> 
> On Thu, 26 Jun 2003, Temkin, David wrote:
> 
> > Does anyone know the actual IOS architecture for handling packets that 
> > enter the router where the router doesn't have a route for them?
> > 
> > I had a situation where a large amount of traffic was directed at one 
> > of my routers that didn't have a route to the destination and the CPU 
> > was pegged at 99%...  When I added an ACL blocking traffic to the 
> > networks that I didn't have routes to, the utilization dropped 
> > dramatically.
> > 
> > Thanks,
> > 
> > -Dave
> > 
> > 
> > David Temkin
> > S-I-G
> > 401 City Avenue
> > Bala Cynwyd, PA 19004
> > http://www.sig.com <http://www.sig.com>
> > 
> > 
> > 
> > IMPORTANT:The information contained in this email and/or its 
> > attachments is confidential. If you are not the intended recipient, 
> > please notify the sender immediately by reply and immediately delete 
> > this message and all its attachments.  Any review, use, reproduction, 
> > disclosure or dissemination of this message or any attachment by an 
> > unintended recipient is strictly prohibited.  Neither this message nor 
> > any attachment is intended as or should be construed as an offer, 
> > solicitation or recommendation to buy or sell any security or other 
> > financial instrument.  Neither the sender, his or her employer nor any 
> > of their respective affiliates makes any warranties as to the 
> > completeness or accuracy of any of the information contained herein or 
> > that this message or any of its attachments is free of viruses.
> > 
> > 
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> > http://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> > 
> 
> 
> IMPORTANT:The information contained in this email and/or its attachments is
> confidential. If you are not the intended recipient, please notify the
> sender immediately by reply and immediately delete this message and all its
> attachments.  Any review, use, reproduction, disclosure or dissemination of
> this message or any attachment by an unintended recipient is strictly
> prohibited.  Neither this message nor any attachment is intended as or
> should be construed as an offer, solicitation or recommendation to buy or
> sell any security or other financial instrument.  Neither the sender, his or
> her employer nor any of their respective affiliates makes any warranties as
> to the completeness or accuracy of any of the information contained herein
> or that this message or any of its attachments is free of viruses.
> 
> 
>

More information about the cisco-nsp mailing list