[c-nsp] What is VFM?
Matyas Koszik
koszik at atw.hu
Sun Jul 17 11:42:53 EDT 2005
Hi,
We have a 3550 acting as a gateway for a small subnet filtering
unwanted packets. Today we got a DoS, all evil packets died on the switch,
so I was happy, but:
sh proc cpu | i (CPU|VFM)
CPU utilization for five seconds: 20%/5%; one minute: 17%; five minutes: 16%
65 2977272 19711175 151 14.82% 12.32% 11.34% 0 VFM Queue Proces
66 132 51 2588 0.00% 0.00% 0.00% 0 VFM/VQM Merge Pr
67 12 11 1090 0.00% 0.00% 0.00% 0 VFM Deferred Upd
There's still some DoS traffic, about 90 mbit/s of full sized udp (not
1500 but 65000, so a lot of fragments), I guess it is the reason of this
'high' cpu load, but I don't really see why, since all of this traffic
gets dropped on ingress.. Also a "vfm site:cisco.com" revelaed nothing
about it.
So, the question is, what is VFM and why does it need so many CPU?
More information about the cisco-nsp
mailing list