[c-nsp] NPE G1, CEF and ACLs and high CPU

Thu Sep 11 09:03:30 EDT 2008

You go to 12.4(20)T and do an EPC capture on the punt path.

I'm going to type up a wiki showing some examples today I hope.

I'll try to post it back out.

Rodney

On Thu, Sep 11, 2008 at 02:12:27PM +0200, David Granzer wrote:
> Hello,
> 
> On 9/5/08, Rodney Dunn <rodunn at cisco.com> wrote:
> > But make sure you do:
> >
> >  config t
> >  int null 0
> >  no ip unreachables
> >
> >  The ACL drops are, last I checked, rate limit punts.
> >
> >  If it's high CPU at IP Input really need 12.4(20)T and get
> >  a sniffer trace in the punt path to see what traffic it really is.
> 
> How to sniff traffic punted to CPU (control-plane) on 7200/7301
> platform ? Is there something like rp-inband/sp-inband for 6500 ?
> 
> Thanks,
> David
> 
> 
> 
> On the 6500 is available SPAN RP-Inband and SP-Inband
> 
> >
> >
> >  Rodney
> >
> >
> >  On Thu, Sep 04, 2008 at 03:46:23PM -0400, Stephen Kratzer wrote:
> >  > On Thursday 04 September 2008 15:12:12 Mateusz B??aszczyk wrote:
> >  > > 2008/9/4 Stephen Kratzer :
> >  > > > The 'log' keyword will cause matching packets to not be CEF switched.
> >  > >
> >  > > nope, log is not present.
> >  > >
> >  > > > Also, if
> >  > > > you're denying a lot of traffic from a certain source, you might want to
> >  > > > just bit-bucket it rather than sending ICMP responses.
> >  > >
> >  > > you mean - "no ip unreachables"?
> >  >
> >  > You could match the access list in a route map and set the outbound interface
> >  > to Null0.
> >  > _______________________________________________
> >  > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> >  > https://puck.nether.net/mailman/listinfo/cisco-nsp
> >  > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >  _______________________________________________
> >  cisco-nsp mailing list  cisco-nsp at puck.nether.net
> >  https://puck.nether.net/mailman/listinfo/cisco-nsp
> >  archive at http://puck.nether.net/pipermail/cisco-nsp/
> >