[nsp] Catalyst6509 GE interface hang without any indication

Joe Shen jshen at christmas.9966.org
Thu May 27 06:16:58 EDT 2004 

Todd,

thanks for your kindly help .  

I experimented with another 6509 box  for  possible problem post at
"http://www.cisco.com/en/US/products/products_security_advisory09186a008
01a34c2.shtml with codes downloaded from Internet.
The msfc of the box runs IOS Version 12.1(4)E1, which is not listed in
above page. I think it should be vulnable. The result is, although I
"attack" one of it's interface IP problem did not occur. I'm not sure
whether I take the right way of scenerio remaking. 

>a) When the box hangs does the sup2 hang or is it just 15/1?

With the first box suffered from interface hang, only ge-1/1  hang ( I
showed its info. in previous message), with the second on the whole
system hang.
and,

6509C-msfc-hz>sh scp status    
Rx 10691273,  Tx 7072654,  Sap 13
Id     Channel name    current/peak/retry/total  time(queue/process)
-- ------------------- ------------------------  -------------------
0  SCP async: TCAM MGR  0/ 20/  0/  162         13412/13412/   4
1  SCP async: Fake MCA  0/  0/  0/    0            0/   0/   0
3  SCP async: RUN_CONF  0/ 33/  0/   59          176/ 172/ 172
5  SCP async: HA SRM S  0/  2/  0/    7            0/   4/   0
6  SCP async: HA SRM M  0/  1/  0/    6            0/   0/   0
7  SCP Unsolicit:0      0/  3/  0/1233574            0/   0/ 396
8  SCP async: Draco-NM  0/  1/  0/    2            0/ 424/   0
9  SCP async: NMP       0/  0/  0/    0            0/   0/   0
10 SCP async: constall  0/  0/  0/    0            0/   0/   0
11 SCP async: [cfg] l3  0/ 16/  0/   19         1348/ 408/   8
12 SCP async: [mls] l3  0/  2/  0/10248            8/ 472/  20

but, show inband, sh scp failcnt  seems not work. how could I check
interface asicreg?  


>4) To note a few things from your email below - 15/1: Is there any
correlation between Gig to M160 not sending/receiving traffic and 15/1 
>freezing? OR is 15/1 freezing the only cause of traffic not being
forwarded. I guess I am saying the MSFC is problem and not the gig port 
>between the 6500 and the m160. Is this valid?

the problem went away when We restart ge-1/1. Other part seems good when
I noticed no traffic on the ge link.

>5) Assuming that scp is not the problem I would set up a span and
capture traffic up until the msfc fails.  Then see if you can see what 
>might be causing it (I have done this many times - Let me know if you
need some ideas).

Maybe I have to do this, but the traffic on that switch is about
800Mbps. Too heavy to my PC.


Thank you very much !

Joe

More information about the cisco-nsp mailing list