[c-nsp] ddos attack makes c6509 cpu soared.
Roland Dobbins
rdobbins at cisco.com
Tue Apr 1 04:19:34 EDT 2008
On Apr 1, 2008, at 3:10 PM, Peter Rathlev wrote:
> Doing sampled Netflow should reduce the problem a little, even though
> you might end up generating almost the same number of flows and thus
> the
> same amount of exports.
Sampling on 6500/7600 is export telemetry flow-sampling, not packet-
sampling which controls flow generation, keep in mind. As you
indicate, if NDE was the process hogging the CPU, there are various
things which can be done to tune it, including export telemetry
sampling, mls timer adjustments, flow-mask adjustments, etc.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at cisco.com> // +66.83.266.6344 mobile
History is a great teacher, but it also lies with impunity.
-- John Robb
More information about the cisco-nsp
mailing list