[nsp] High CPU utilization from traffic with no destination i nterface?

Dmitri Kalintsev dek at hades.uz
Fri Jun 27 09:41:50 EDT 2003 

David,

You may be sending ICMP redirects for the traffic that hit your router but
was routed right back where it came from. Try switching off redirects,
unless you really need them.

You also have an ACL applied, do you by any chance have any entries with
"log" on it? This would touch your CPU, too.

SY,
--
D.K.

On Thu, Jun 26, 2003 at 02:56:37PM -0400, Temkin, David wrote:
> As you see, we have unreachables turned off...  If I do a show ip cef on the
> non-existant network, it shows it as via the default route on the box, which
> is right back out the interface it came in on..
> 
> Now that the attack has stopped, CPU is back to it's normal ~30%...  
> 
> FastEthernet0/0 is up, line protocol is up
>   Internet address is x.x.x.x
>   Broadcast address is 255.255.255.255
>   Address determined by non-volatile memory
>   MTU is 1500 bytes
>   Helper address is not set
>   Directed broadcast forwarding is disabled
>   Secondary address 209.213.219.91/29
>   Outgoing access list is not set
>   Inbound  access list is 101
>   Proxy ARP is enabled
>   Security level is default
>   Split horizon is enabled
>   ICMP redirects are always sent
>   ICMP unreachables are never sent
>   ICMP mask replies are never sent
>   IP fast switching is enabled
>   IP fast switching on the same interface is enabled
>   IP Flow switching is enabled
>   IP CEF switching is enabled
>   IP CEF Flow Fast switching turbo vector
>   IP multicast fast switching is enabled
>   IP multicast distributed fast switching is disabled
>   IP route-cache flags are Fast, Flow, CEF
>   Router Discovery is disabled
>   IP output packet accounting is disabled
>   IP access violation accounting is disabled
>   TCP/IP header compression is disabled
>   RTP/IP header compression is disabled
>   Probe proxy name replies are disabled
>   Policy routing is disabled
>   Network address translation is enabled, interface in domain outside
>   WCCP Redirect outbound is disabled
>   WCCP Redirect inbound is disabled
>   WCCP Redirect exclude is disabled
>   BGP Policy Mapping is disabled
>   IP multicast multilayer switching is disabled
> 
---end quoted text---

More information about the cisco-nsp mailing list