[c-nsp] Virtual-Template DOS?
Masood Ahmad Shah
masood at nexlinx.net.pk
Fri Jan 18 10:42:25 EST 2008
There are different types of DoS attack for Cisco PPPoE services. I wonder
you might be getting too many PPPoE sessions from a customer. I suggest you
use debug vpnd things and get the real picture; keeping in mind that you
know the over heads of using debug commands :)
Here is something you can do to prevent such PPPoE DoS attacks ....
bba-group pppoe vpn1
virtual-template 1
sessions per-vc limit 1 (1 max number of vpdn session per-vc)
sessions per-mac limit 1 ( 1 max number of vpnd session per-mac)
Regards,
Masood Ahmad Shah
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Duracom Lists
Sent: Friday, January 18, 2008 8:08 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Virtual-Template DOS?
I have been terminating DSL on my 7206vxr for quite some time. My router
began acting sluggish the last couple of days for some odd reason the cpu
was being pegged out. Below was what was in the logs non stop. I only have
5 DSL customers terminated to this router. In order for me to get the CPU
down I had to issue a no vpdn-group 1 to drop all the tunnels?
Cisco Internetwork Operating System Software
IOS (tm) 7200 Software (C7200-IS-M), Version 12.2(29), RELEASE SOFTWARE
(fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Wed 11-May-05 15:38 by kellmill
Image text-base: 0x60008940, data-base: 0x61314000
ROM: System Bootstrap, Version 12.2(4r)B2, RELEASE SOFTWARE (fc2)
BOOTLDR: 7200 Software (C7200-KBOOT-M), Version 12.3(6), RELEASE SOFTWARE
(fc3)
Dua-7206 uptime is 11 hours, 14 minutes
System returned to ROM by reload at 21:48:50 CST Thu Jan 17 2008
System restarted at 21:49:52 CST Thu Jan 17 2008
System image file is "slot0:c7200-is-mz.122-29.bin"
cisco 7206VXR (NPE400) processor (revision A) with 491520K/32768K bytes of
memory.
Processor board ID 21304031
R7000 CPU at 350Mhz, Implementation 39, Rev 3.3, 256KB L2, 4096KB L3 Cache
6 slot VXR midplane, Version 2.1
Jan 18 08:55:40: %LINK-3-UPDOWN: Interface Virtual-Access4, changed state to
up
Jan 18 08:55:40: %LINK-3-UPDOWN: Interface Virtual-Access4, changed state to
down
Jan 18 08:55:48: %LINK-3-UPDOWN: Interface Virtual-Access5, changed state to
up
Jan 18 08:55:49: %LINK-3-UPDOWN: Interface Virtual-Access5, changed state to
down
Jan 18 08:55:54: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to
up
Jan 18 08:55:55: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to
down
Jan 18 08:56:02: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to
up
Jan 18 08:56:06: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to
up
Jan 18 08:56:07: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to
down
Jan 18 08:56:11: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to
down
Jan 18 08:56:19: %LINK-3-UPDOWN: Interface Virtual-Access4, changed state to
up
Jan 18 08:56:21: %LINK-3-UPDOWN: Interface Virtual-Access4, changed state to
down
Jan 18 08:56:25: %LINK-3-UPDOWN: Interface Virtual-Access5, changed state to
up
Jan 18 08:56:28: %LINK-3-UPDOWN: Interface Virtual-Access5, changed state to
down
Jan 18 08:56:36: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to
up
Jan 18 08:56:37: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to
down
Jan 18 08:56:43: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to
up
Jan 18 08:56:43: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to
down
Jan 18 08:56:51: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to
up
Jan 18 08:56:55: %LINK-3-UPDOWN: Interface Virtual-Access4, changed state to
up
Jan 18 08:56:55: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to
down
Jan 18 08:56:59: %LINK-3-UPDOWN: Interface Virtual-Access4, changed state to
down
Jan 18 08:57:07: %LINK-3-UPDOWN: Interface Virtual-Access5, changed state to
up
Jan 18 08:57:11: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to
up
Jan 18 08:57:12: %LINK-3-UPDOWN: Interface Virtual-Access5, changed state to
down
Jan 18 08:57:18: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to
down
Jan 18 08:57:27: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to
up
Jan 18 08:57:29: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to
down
Jan 18 08:57:33: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to
up
Jan 18 08:57:35: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to
down
Jan 18 08:57:43: %LINK-3-UPDOWN: Interface Virtual-Access4, changed state to
up
Jan 18 08:57:45: %LINK-3-UPDOWN: Interface Virtual-Access4, changed state to
down
Jan 18 08:57:49: %LINK-3-UPDOWN: Interface Virtual-Access5, changed state to
up
Jan 18 08:57:49: %LINK-3-UPDOWN: Interface Virtual-Access5, changed state to
down
Jan 18 08:57:57: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to
up
Jan 18 08:58:01: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to
up
Jan 18 08:58:03: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to
down
Jan 18 08:58:07: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to
down
Jan 18 08:58:15: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to
up
Jan 18 08:58:19: %LINK-3-UPDOWN: Interface Virtual-Access4, changed state to
up
Jan 18 08:58:21: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to
down
Kris
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list