[c-nsp] 2621 running mlppp
Voll, Scott
Scott.Voll at wesd.org
Wed May 2 14:40:50 EDT 2007
Cef is on (do I want it off?) That would really kill the processor
wouldn't it?
No ACL;s
No Accounting
No nat
No nbar
Just routing internet traffic over two t1's using mlppp.
I just didn't want to take a sniffer all the way out there. Bummer.
Scott
-----Original Message-----
From: virendra rode // [mailto:virendra.rode at gmail.com]
Sent: Wednesday, May 02, 2007 11:33 AM
To: Voll, Scott
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] 2621 running mlppp
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Scott,
Voll, Scott wrote:
> What should the cpu look like on a 2621 running mlppp with two t1's?
> 50% - 90% seem normal? I wouldn't think it should NOT be that high.
> I'm guessing some kind of virus is causing problems. If you don't
have
> Netflow setup how do you find the problem? Code is 12.3.22.
- -------------------------
the following is based on my recent fire fighting call for mlppp on
2621,
- - make sure you have enough memory if indeed cef is enabled (gulp).
- - check for any log entries for any acls entries
- - look for accounting keyword that may be enabled
- - like you mentioned, what if something malicious is running loose
- - slap a sniffer
- - is nat enabled?
- - do you have nbar running, if so, you can take advance of built-in
application-layer packet sniffing
any further info will help.
good luck.
regards,
/virendra
>
>
>
> Thanks
>
>
>
> Scott
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGONljpbZvCIJx1bcRAmDCAJ9Ax5HHQleTffYUypxCdYb1I5oX4QCfc+b6
Atj6OjDqJ7Suc076/pycuqk=
=2c07
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list