[c-nsp] 2621 running mlppp
virendra rode //
virendra.rode at gmail.com
Wed May 2 15:05:15 EDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Voll, Scott wrote:
> Cef is on (do I want it off?) That would really kill the processor
> wouldn't it?
- ---------------------
Since cef caches the route table I would yes. This is exactly what
happened in my case. Ran out of memory.
Check and see how much memory is remaining.
Are you doing static or dynamic routing?
>
> No ACL;s
> No Accounting
> No nat
> No nbar
>
> Just routing internet traffic over two t1's using mlppp.
- ------------------
This is similar to my setup.
>
> I just didn't want to take a sniffer all the way out there. Bummer.
- --------------
Use your laptop if you can.
good luck.
regards,
/virendra
>
> Scott
>
> -----Original Message-----
> From: virendra rode // [mailto:virendra.rode at gmail.com]
> Sent: Wednesday, May 02, 2007 11:33 AM
> To: Voll, Scott
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] 2621 running mlppp
>
> Scott,
>
> Voll, Scott wrote:
>>> What should the cpu look like on a 2621 running mlppp with two t1's?
>>> 50% - 90% seem normal? I wouldn't think it should NOT be that high.
>>> I'm guessing some kind of virus is causing problems. If you don't
> have
>>> Netflow setup how do you find the problem? Code is 12.3.22.
> -------------------------
> the following is based on my recent fire fighting call for mlppp on
> 2621,
>
> - make sure you have enough memory if indeed cef is enabled (gulp).
> - check for any log entries for any acls entries
> - look for accounting keyword that may be enabled
> - like you mentioned, what if something malicious is running loose
> - slap a sniffer
> - is nat enabled?
> - do you have nbar running, if so, you can take advance of built-in
> application-layer packet sniffing
>
>
> any further info will help.
>
>
> good luck.
>
>
> regards,
> /virendra
>
>>>
>>>
>>> Thanks
>>>
>>>
>>>
>>> Scott
>>>
>>> _______________________________________________
>>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGOODqpbZvCIJx1bcRAkaqAKCcp1g4naDqspgx+c4Ndb/uKHO8ggCdGGj/
o6oWEe8iZEnOigZVCdkQOkk=
=1/hM
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list