[c-nsp] ddos attack makes c6509 cpu soared.
MontyRee
chulmin2 at hotmail.com
Tue Apr 1 02:13:19 EDT 2008
Hello all.
I have operated sup720 based c6509(DFC3 included) with time-based sampling netflow enabled.
Some days ago, there was a ddos attack against the server over 1Mpps,
then the cpu of the c6509 soared from 5 to 95.
As I know, sup720 based c6509 can do services upto 30Mpps,
but I can't understand why the cpu is high?
Is there any relations with netflow enabled config?
cisco website says that the flow number of netflow supports to 128,000.
Then, should I disable netflow when ddos attacked?
Thanks for your help..
Reagrds..
_________________________________________________________________
MSN ¸Þ½ÅÀúÀÇ Â÷¼¼´ë ¹öÀü, Windows Live Messenger!
http://windowslive.msn.co.kr/wlm/messenger/
More information about the cisco-nsp
mailing list