[c-nsp] netflow on sup1a

christian.macnevin at uk.bnpparibas.com christian.macnevin at uk.bnpparibas.com
Wed Aug 23 13:49:00 EDT 2006


Well, you can't hope for much more direct than that.

So at what level do we become 'safe'? The sup2? The 720?





Internet
tstevens at cisco.com

23/08/2006 16:58

To
Christian MACNEVIN, cisco-nsp
cc

Subject
Re: [c-nsp] netflow on sup1a






At 02:02 PM 8/23/2006 +0100, christian.macnevin at uk.bnpparibas.com opined:
>Hello again helpful ones,
>
>We're looking at implementing Crannog here, for which we need to tune all
>of our netflow to its
>fastest aging timers and export frequency. I've got the lads to test the
>recommended settings
>on a few platforms here, and while the 4500 with an onboard NSC did fine,
>a 6k with sup1A hated
>it and CPU usage jumped from around 15-20% to peaking at 80. The guys
>backed out after
>five minutes of that.
>
>The device is running in hybrid mode. The PFC onboard supports Netflow I
>believe, but I'm wondering
>if this architecture first punts the packets to the SP before the ASIC
>sees them or something?

Yes, and it will do it again & again every time a flow, active or
not, is expired from the h/w to export due to your low aging timers.

Tim


>The config they ran (just in CatOS, didn't get to the MSFC):
>
>set mls nde <destination> 9991
>set mls nde version 7
>set mls agingtime long 64
>set mls agingtime 32
>set mls flow full
>set mls nde enable
>
>Cheers
>Christian
>
>
>This message and any attachments (the "message") is
>intended solely for the addressees and is confidential.
>If you receive this message in error, please delete it and
>immediately notify the sender. Any use not in accord with
>its purpose, any dissemination or disclosure, either whole
>or partial, is prohibited except formal approval. The internet
>can not guarantee the integrity of this message.
>BNP PARIBAS (and its subsidiaries) shall (will) not
>therefore be liable for the message if modified.
>
>**********************************************************************************************
>
>BNP Paribas Private Bank London Branch is authorised
>by CECEI & AMF and is regulated by the Financial Services
>Authority for the conduct of its investment business in
>the United Kingdom.
>
>BNP Paribas Securities Services London Branch is authorised
>by CECEI & AMF and is regulated by the Financial Services
>Authority for the conduct of its investment business in
>the United Kingdom.
>
>BNP Paribas Fund Services UK Limited is authorised and
>regulated by the Financial Services Authority
>
>_______________________________________________
>cisco-nsp mailing list  cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/



Tim Stevenson, tstevens at cisco.com
Routing & Switching CCIE #5561
Technical Marketing Engineer, Catalyst 6500
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759
********************************************************
The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.


More information about the cisco-nsp mailing list