[c-nsp] Better way of finding out the source of process switched traffic?

Joe Maimon jmaimon at ttec.com
Thu Jan 27 08:16:02 EST 2005 


Dave Temkin wrote:

>I've got an internet-facing router that's seeing a very high rate of
>process switched traffic.  Nothing too crazy is configured on this router
>- a little bit of NAT
>
There you go. Is it nat or pat? Lots of proccess switching potential 
here. (check 12.3T for CEF'd NAT)

sh ip nat st
sh ip nat st | i CEF

>, a couple of route maps,
>
ip route-cache policy

> BGP.  That's about it.
>Aside from doing a debug ip packet and killing the router (it's passing
>about 30-40mbit of traffic), are there any other options for tracking down
>what's in the process queue? 
>
If you open a TAC case, you can profile the router and the engineer can 
tell what it seems to be spending most its time doing.

> Router is running 12.3.6a
>
>FastEthernet0/0
>          Throttle count          4
>                   Drops         RP          5         SP          0
>             SPD Flushes       Fast       3103        SSE          0
>             SPD Aggress       Fast          0
>            SPD Priority     Inputs   83215964      Drops          0
>
>    Protocol  IP
>          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
>                 Process 1803602701 4025634609 1661069368  456573125
>            Cache misses          0          -          -          -
>                    Fast 2713542052 1802705001 3837108389  304620460
>               Auton/SSE          0          0          0          0
>
>FastEthernet1/0 Outside
>          Throttle count          0
>                   Drops         RP          0         SP          0
>             SPD Flushes       Fast       1796        SSE          0
>             SPD Aggress       Fast          0
>            SPD Priority     Inputs    6927146      Drops          0
>
>    Protocol  IP
>          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
>                 Process  543622379 2397426796  317919218 1743487367
>            Cache misses          0          -          -          -
>                    Fast 3071349692 1923264716 1211037578 2505497398
>               Auton/SSE          0          0          0          0
>
>
>FastEthernet2/0 Outside 2
>          Throttle count          0
>                   Drops         RP          0         SP          0
>             SPD Flushes       Fast       1480        SSE          0
>             SPD Aggress       Fast          0
>            SPD Priority     Inputs   42435822      Drops          0
>
>    Protocol  IP
>          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
>                 Process 1056561152 1934756549 1414955036 1939153311
>            Cache misses          0          -          -          -
>                    Fast  819752907  318162363 1502399074 1302221329
>               Auton/SSE          0          0          0          0
>
>
>!
>interface FastEthernet0/0.101
> encapsulation dot1Q 101
> ip address x.x.x.x x.x.x.x.x
> no ip redirects
> no ip proxy-arp
> ip nat inside
> ip policy route-map RM101
> no cdp enable
> standby 101 ip x.x.x.y
> standby 101 timers 1 3
> standby 101 priority 250
> standby 101 preempt
> standby 101 name HSRP101
>!
>
>!
>interface FastEthernet1/0
> description Outside 1
> ip address x.x.x.x x.x.x.x
> ip access-group Yipes-Outside in
> ip nat outside
> load-interval 30
> duplex full
> ntp disable
> hold-queue 300 in
> hold-queue 300 out
>
>
>-Dave
>_______________________________________________
>cisco-nsp mailing list  cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
>  
>

More information about the cisco-nsp mailing list