[c-nsp] DoS tracking on the 6500
Dale W. Carder
dwcarder at doit.wisc.edu
Fri Mar 18 10:37:25 EST 2005
On Mar 18, 2005, at 3:04 AM, Nitzan Tzelniker wrote:
> Try to run the command
> "sh mls ip count"
> if the output is more than 32000 you need sampling
My operational experience is that this is not necessarily true,
depending on your application. IIRC, on the Sup2+MSFC2, there
is an increased *probability* of netflow information being
lost, up to the hard cap of 128,000 entries. So, depending
on what you're doing, max'ing out the table can be good
enough, and possibly give you more resolution.
Dale
More information about the cisco-nsp
mailing list