[nsp] High CPU on 2600

Chris Griffin cgriffin at ufl.edu
Thu Oct 23 12:37:17 EDT 2003 

Joel,
	This can be caused by a large number of translations in your NAT
(overload) pool commonly caused by hosts sweeping IP space looking for
hosts to attack.  Very common with nachi infected hosts.  Check out
"show ip nat statistics"

Chris

On Thu, 2003-10-23 at 10:20, Joel Perez wrote:
> Hey guys,
>  
> I have a small problem. I have a 2600 in a remote office doing NAT'ing
> serving about 20-25 people. Everything works fine except that the cpu on
> the 2600 is thru the roof.
> They aren't generating much traffic, probably about 1.5 megs. The 2600
> is only using the FastEth for the internal and external interaces. Can
> the NAT'ing be making my CPU that high?
> Here is the config I have now:
>  
> 
> ip subnet-zero
> ip cef
> !
> interface FastEthernet0/0
>  description ---------------"Gateway to Internet"---------------
>  ip address 1.2.3.4 255.255.255.0
>  ip nat outside
>  duplex auto
>  speed auto
> !
> interface Serial0/0
>  no ip address
>  shutdown
>  no fair-queue
> !
> interface FastEthernet0/1
>  description ---------------"Gateway To Etrade"---------------
>  ip address 5.6.7.8 255.255.255.0
>  ip nat inside
>  duplex auto
>  speed auto
> !
> ip nat pool Traders 1.2.3.4 1.2.3.4 prefix-length 24
> ip nat inside source list 1 pool Traders overload
> no ip http server
> ip classless
> ip route 0.0.0.0 0.0.0.0 1.2.3.1
> !
> !
> access-list 1 permit 10.64.14.0 0.0.0.255
>  
> Regards,
>  
> ----------------------------------------------
> Joel Perez <jperez at ntera.net>  | IP Engineer
> http://www.ntera.net/                 | Ntera
> 305.914.3412
>  
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
-- 
Chris Griffin                           cgriffin at ufl.edu
Network Engineer - CCNP                 Phone: (352) 392-2061
OIT - Network Services                  Fax:   (352) 392-9440
University of Florida                   Gainesville, FL 32611

More information about the cisco-nsp mailing list