[c-nsp] Bug ID CSCdy72539 For GRE Tunneling on 6500 PFC3B
Sukumar Subburayan
sukumars at cisco.com
Fri Dec 8 14:07:32 EST 2006
Just an FYI, based on popular customer demand/request for
troubleshooting instrumentation, we are targetting this CPU
capture feature for an upcoming release for the Cat65xx, so that, it is
more user friendly, extensible and customizable.
It will be able to capture traffic bound to RP/SP CPU and store
as files in capture formats, in local flash devices, which then can be
shipped to Cisco TAC for further analysis or be opened with sniffer
utilities like Ethereal.
sukumar
On Fri, 8 Dec 2006, Phil Mayers wrote:
> Dale W. Carder wrote:
>> On Dec 8, 2006, at 5:59 AM, Gert Doering wrote:
>>> On Fri, Dec 08, 2006 at 08:08:43AM +0100, Asbjorn Hojmark - Lists
>>> wrote:
>>>> I would do a sniffer trace of the data going to the CPU. I you
>>>> haven't done that before, I suggest you open a TAC case.
>>> Being curious, but not willing to open a TAC case for *that* - is
>>> there
>>> public documentation available how to monitor "punt to CPU" traffic?
>>
>> It's extremely useful for troubleshooting high cpu load, and for
>> profiling traffic to set up CoPP. This procedure is not widely known
>> probably for a good reason, and possibly dangerous. Use at your own
>> risk:
>
> This is an awesomely useful procedure. My understanding is that in fact
> the mirroring is performed in hardware by configuring the replication
> chip to mirror the internal gigE port that faces the RP. So in principle
> it ought to be relatively safe. As Dale says though - own risk...
>
> I've found all kinds of junk on our network with this.
>
> Something else to note - you can use (I have successfully used on many
> occasions) an erspan (span over GRE) session as the target, allowing
> remote mirroring.
>
> (I wrote a little python erspan->pcap util for this)
>
>>
>> 1) Set up a span session with a source port that is down:
>>
>> monitor session 2 source interface Fa8/24 (down)
>> monitor session 2 destination interface Gi6/9 (sniffer)
>>
>> 2) Then on the switch processor via remote login switch, configure
>
> For those unfamiliar, that would be "attach X" where X is the slot of
> the active sup.
>
>> test monitor session 2 add rp-inband tx
>
> You can also mirror the SP if you've having a layer2 protocol issue.
>
> Also, do NOT forget to disable the RP/SP mirroring before disabling the
> monitor session.
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list