[c-nsp] 3750 High Cpu IP Input

Lee ler762 at gmail.com
Fri Apr 24 11:51:42 EDT 2009


On 4/24/09, Ramcharan, Vijay A <vijay.ramcharan at verizonbusiness.com> wrote:
> Last I checked "no ip unreachables" breaks PMTUD which can be fine in your
> environment or cause other serious problems.

Earlier Q&A in the thread:
> how many routed interfaces do you have ( sh ip int brief with ip addresses ) ?
> > 1 routed interface.

Is "no ip unreachables" going to break PMTUD on that box?

Lee


>
> Vijay Ramcharan
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Lee
> Sent: April 24, 2009 11:10
> To: Marian Ďurkovič
> Cc: Chris Lane; Richard Gallagher; cisco-nsp
> Subject: Re: [c-nsp] 3750 High Cpu IP Input
>
> On 4/24/09, Marian Ďurkovič <md at bts.sk> wrote:
>> On Fri, Apr 24, 2009 at 10:01:08AM -0400, Lee wrote:
>>> > These TTL=1 are causing the high CPU.
>>
>> Yes, those are not HW switched but punted to CPU in order to generate
>> TTL_Exceeded ICMP message. Not sure if there's any knob to discard
>> them silently.
>
> I thought that's what "no ip unreachable" was for..
>
>
>>> Just out of curiousity, would adding "ip multicast ttl-threshold 3"
>>
>> Beware, this is real evil. On most switch platforms this will completely
>> disable HW forwarding of multicast packets and punt them *all* to CPU.
>
> oops...  shows how much I know <grin>
>
> Thanks,
> Lee
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> ______________________________________________________________________
> This e-mail has been scanned by Verizon Managed Email Content Service, using
> Skeptic  technology powered by MessageLabs. For more information on Verizon
> Managed Email Content Service, visit http://www.verizonbusiness.com.
> ______________________________________________________________________
>


More information about the cisco-nsp mailing list