[c-nsp] RX No Buff Errors on 7206 w/NPE-G1

Justin Shore justin at justinshore.com
Fri Nov 2 10:06:22 EDT 2007 

So in the case of my border router it's likely that we simply got hit 
with a flood of packets (small scale attack perhaps?) and the G1 just 
couldn't handle it.  This seems likely since I saw the overruns on both 
the GigE int to the upstream provider and both GigE ints back to the 
core of our network.

This leads me into a slightly different topic then.  My apologies to 
Vincent for hijacking his thread.  I'm looking at placing a 7600 in our 
facility closest to our 2 main upstreams, both of which enter our 
facility on our own fiber.  This facility is a new data center and we 
expect a large number of PtPs so we gave both providers the opportunity 
to sit in our DC.  I don't have a stellar optical system to transport 
Internet connections from either provider back to our main POP.  It 
would be Ethernet over Sonet (OC12s currently) and limited to FastE only 
without major upgrades around the ring, which would be inefficient and 
expensive to upgrade.  I was planning on setting a 7609-S at that 
location as part of our distribution layer and dual-home it back to the 
primary POP, ideally over 10G.  This router would give me the ability to 
touch both upstreams with a GigE interface.  I was planning on either 
bringing the 2 connections down on VLANs to the core and popping them 
off on access interfaces back to our existing border routers or by doing 
something with VRFs and MPLS.  The other option is terminating both of 
these upstream L3 connections on that new 7609.  However I'm leary about 
doing that for redundancy reasons, even with dual RSPs.  We've had to 
fully power cycle our 7613s on a number of occasions over the past year 
for an assorted of reasons.  The other option is to buy 2 7606-S chassis 
with or without dual RSPs to touch each provider.  I like this option 
better but that's more $$$.

So, I guess my question should be at what point do I replace our 
existing border routers (7206VXR w/ G1 and a 3845 (replaced by an 
identical 7206 as soon as I can free it up)) with 7600s?  Our combined 
bandwidth across all 3 providers is 80Mbps currently but we'll be 
bumping this up to 150Mbps soon and we just signed on a customer wanting 
a dedicated 20M.  Considering that we only had 16M 1.5 years ago, that 
we're just now bringing a data center online, and that we're rolling out 
ADSL2+ and FFTx I'd say we'll be at 500-750M in another 1.5 year's time, 
more if we resell to our neighboring rural providers.

Am I right in thinking that touching what will soon be our only 2 
providers with a single router be risky, even if it is fully redundant?

Thanks
  Justin


Rodney Dunn wrote:
> Almost every time I've ever been part of a troubleshooting session
> for Gige overruns and ignores it's microburst on the segment and the
> receiving router can't process the frames quick enough.
> 
> It's so hard to debug because without an analyzer on the wire you
> can't prove it's a micro burst.
> 
> The 65xx/76xx can move those frames are wire rate.
> 
> For small packets the G1 can't.
> 
> Rodney
> 
> On Thu, Nov 01, 2007 at 02:41:14PM -0500, Justin Shore wrote:
>> Vincent,
>>
>> I saw a similar problem a couple weeks ago with identical hardware 
>> acting as a border router running 12.4(11)T1.  I had overruns on Gi0/1 
>> and 2 which connect back to our core 7600s and Gi0/3 which is a 30meg 
>> link to one of our upstream providers.  Neither interface on either 7600 
>> had any errors.  I'm at a loss to explain either of our issues.
>>
>> Justin
>>
>>
>> Vincent Aniello wrote:
>>> On a 7206VXR with a NPE-G1 processor I am seeing input errors on a
>>> Gigabit Ethernet interface.  The input errors are due to "ignored"
>>> packets:
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list