[c-nsp] 3750G packet loss
Saku Ytti
saku+cisco-nsp at ytti.fi
Fri Oct 14 14:15:15 EDT 2005
On (2005-10-14 13:04 +0300), Saku Ytti wrote:
> > Packets Pings
> > Host Loss% Snt Last Avg Best Wrst StDev
> > 1. cisco3750 81.6% 1227 0.4 0.5 0.3 2.7 0.3
> > 2. linuxhost 0.0% 1227 0.2 0.2 0.1 16.2 1.7
> >
> > Does anyone have any experience with a similar problem or situation, and can
> > advise how to deal with it?
>
> 3750 has quite agressive defences against the control-plane. You can give
> it's control-plane 1.4Mpps of packets and your OSPF/BGP will stay up and it will
> forward packets normally.
Heh, after reading Steinar's post, I reread your email and noticed that
it was act actually 120pps (I assumed 1pps:). Yes, indeed it's normal for
3750 to aggressively rate-limit generating icmp, punting etc. And
you'll love it, when you get your first DoS attack against it's control
plane, it'll just keep working (unless the DoS attack happens to be OSPF
or BGP, which you should drop in ACL. There was possibility for the 3750
team to program ACL based on bgp neighbor statements, but they wanted
to conserve TCAM space for users and didn't do this automaticly. Originally
BGP was not considered priority traffic at all, only OSPF).
--
++ytti
More information about the cisco-nsp
mailing list