[RE: [nsp] High CPU utilization from traffic with no destination i nterface?]

Joshua Sahala joshua.ej.smith at usa.net
Fri Jun 27 08:28:02 EDT 2003


"Temkin, David" <temkin at sig.com> wrote:
> As you see, we have unreachables turned off... If I do a show ip cef
> on the non-existant network, it shows it as via the default route on
> the box, which is right back out the interface it came in on..
>

the default route is the 'problem' - the router doesn't know any better
and is only doing what you told it to do.
i would suggest acls to block bogons (flame away, i'll show you my
edge acl counters ;) ),permit connected traffic, and then drop
everything else.

[cut]

/joshua


"Walk with me through the Universe,
 And along the way see how all of us are Connected.
 Feast the eyes of your Soul,
 On the Love that abounds.
 In all places at once, seemingly endless,
 Like your own existence."
     - Stephen Hawking -





More information about the cisco-nsp mailing list