[c-nsp] Cisco 7500, output errors on FastEth interfaces

Ray Van Dolson rayvd at digitalpath.net
Wed Aug 31 01:33:05 EDT 2005


Hello all... I am definitely not a Cisco admin, but it has been kind of forced
upon me and I'm trying to get up to speed as quickly as possible.  Hoping to
find some help here as well as reading up elsewhere.

We've got a Cisco 7500 series router with an RSP4, and two VIP4-50's.  A HSSI
port connected to a T3 is on one of the VIP4-50's and the other contains two
FastEthernet ports.

The router had been suffering from ddos attacks for a while and wasn't
handling things too well.  In fact it's CPU load was up around 75% through
even "normal" traffic times.

Investigating this it seemed we weren't using the proper switching method.
Turned on "ip cef distributed" which apparently offloads a lot of the
switching decisions to the VIP cards.  Immediately the load on the RSP4
dropped to 2%.  Hoorah right?

Things seem to be working OK, but now I am beginning to see output errors on
the FastEthernet interfaces.  I'm wondering if this is due to the cef entry I
enabled above.

Should I turn on ip route-cache distributed for the Hssi port only and use
another method for the FastEthernet ports?  If I understand things correctly,
turning ip cef distributed on globally will enable this on all interfaces.

In any case, the config for the FastEth ports is pretty basic:

interface FastEthernet5/1/0
 ip address XX.XXX.XXX.1 255.255.255.0
 ip access-group 182 in
 no ip proxy-arp
 no ip mroute-cache
 half-duplex
 hold-queue 100 in

Similar for the other one.

Any suggestions?

Ray


More information about the cisco-nsp mailing list