3750G ICMP echo/ICMP time exceeded treatment (was RE: [c-nsp] 3750G
packet loss)
Ed Butler - RapidSwitch
ed.butler at rapidswitch.com
Wed Oct 19 13:45:41 EDT 2005
I've done some further digging on the packetloss to the 3750 stack we have
here.
My tests show 2.5kpps of ICMP ECHO causes the CPU load to increase to 60%.
However, more concerning is the ICMP time exceeded message (eg from a
traceroute) seems not to be answered at what I'd consider a reasonable rate.
I've had as low as 60pps of type 11 ICMP messages (the time exceeded ones)
causing some loss. However, it has no discernible affect on the CPU usage.
Is this by accident or design? Why would Cisco treat the two different types
of ICMP so differently?
Regards,
Ed Butler
RapidSwitch Ltd
DDI: 020 7106 0731
RapidSwitch Ltd, 5th Floor, Sovereign House, 227 Marsh Wall, London, E14 9SD
This email message is intended only for the addressee(s) and contains
information that may be confidential and/or copyright. If you are not the
intended recipient please notify the sender by reply email and immediately
delete this email. Use, disclosure or reproduction of this email by anyone
other than the intended recipient(s) is strictly prohibited. No
representation is made that this email or any attachments are free of
viruses. Virus scanning is recommended and is the responsibility of the
recipient.
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Ed Butler -
RapidSwitch
Sent: 14 October 2005 19:28
To: cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] 3750G packet loss
I agree that it's sensible for the control plane to be protected. But ICMP
is a useful problem finding tool, and it's being too aggressive for our
needs at the moment.
If the 3750 is rate limiting ICMP; are there any ways to configure this?
I'd sleep much better if I knew at what point it was rate limiting, what it
was limiting too, and had configurable limits.
We're forwarding everythiing in hardware on the 3750 stack; it's all CEF (or
dCEF to be precise). CPU usage generally hovers around 10%.
I can't find any Cisco docs on the 3750 rate-limiting ICMP, can anyone point
me to these?
Regards,
Ed Butler
RapidSwitch Ltd
DDI: 020 7106 0731
RapidSwitch Ltd, 5th Floor, Sovereign House, 227 Marsh Wall, London, E14 9SD
This email message is intended only for the addressee(s) and contains
information that may be confidential and/or copyright. If you are not the
intended recipient please notify the sender by reply email and immediately
delete this email. Use, disclosure or reproduction of this email by anyone
other than the intended recipient(s) is strictly prohibited. No
representation is made that this email or any attachments are free of
viruses. Virus scanning is recommended and is the responsibility of the
recipient.
-----Original Message-----
From: sthaug at nethelp.no [mailto:sthaug at nethelp.no]
Sent: 14 October 2005 18:53
To: ed.butler at rapidswitch.com
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] 3750G packet loss
> I've investigated the 3750G problem with it dropping packets to its IP
> interface as below.
Why do you believe it's a problem? A good router these days *needs* to
protect itself, which (among others) usually means some form of rate
limiting or policing of traffic to the router itself.
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list