[c-nsp] NPE G1, CEF and ACLs and high CPU
David Granzer
dgranzer at gmail.com
Thu Sep 11 08:12:27 EDT 2008
Hello,
On 9/5/08, Rodney Dunn <rodunn at cisco.com> wrote:
> But make sure you do:
>
> config t
> int null 0
> no ip unreachables
>
> The ACL drops are, last I checked, rate limit punts.
>
> If it's high CPU at IP Input really need 12.4(20)T and get
> a sniffer trace in the punt path to see what traffic it really is.
How to sniff traffic punted to CPU (control-plane) on 7200/7301
platform ? Is there something like rp-inband/sp-inband for 6500 ?
Thanks,
David
On the 6500 is available SPAN RP-Inband and SP-Inband
>
>
> Rodney
>
>
> On Thu, Sep 04, 2008 at 03:46:23PM -0400, Stephen Kratzer wrote:
> > On Thursday 04 September 2008 15:12:12 Mateusz B??aszczyk wrote:
> > > 2008/9/4 Stephen Kratzer :
> > > > The 'log' keyword will cause matching packets to not be CEF switched.
> > >
> > > nope, log is not present.
> > >
> > > > Also, if
> > > > you're denying a lot of traffic from a certain source, you might want to
> > > > just bit-bucket it rather than sending ICMP responses.
> > >
> > > you mean - "no ip unreachables"?
> >
> > You could match the access list in a route map and set the outbound interface
> > to Null0.
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list