[c-nsp] SXI3 strange issue, Loose mode uRPF jumps to strict by itself

Mack McBride mack.mcbride at viawest.com
Thu Jul 29 16:15:03 EDT 2010


Yes, This is true on all 6500/7600 platforms with all code.
I don't know why they put the loose/strict as an interface level setting since it is global.

Mack

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jared Mauch
Sent: Thursday, July 29, 2010 1:32 PM
To: bas
Cc: Cisco
Subject: Re: [c-nsp] SXI3 strange issue, Loose mode uRPF jumps to strict by itself

On the SUP720/EARL7 unicast-rpf is a global setting on the device.

If someone changes *any* interface to strict, all interfaces with u-rpf enabled will change to strict.

- jared

On Jul 29, 2010, at 3:21 PM, bas wrote:

> Hi All,
> 
> Yesterday we had a strange issue.
> Our monitoring tool alerted that one of our boxes (SUP720-3BXL - 6506
> running SXI3) became unreachable.
> 
> When we logged in everything looked ok.
> BGP was up, OSPF was up and nothing special in logging.
> Still traffic had dropped to near zero.
> 
> With "debug ip cef drop" we immediately saw that traffic was dropped
> due to uRPF feature.
> All upstream interfaces had strict mode uRPF configured, before the
> problems started it was loose mode uRPF.
> 
> After manually changing them back too loose mode traffic was restored.
> 
> A couple of minutes before the problems started an engineer had
> configured a customer facing interface with strict mode uRPF.
> Apparently this configuration changed triggered a bug that caused
> upstream interface loose mode to be automagically turned to strict
> mode.
> 
> So, hereby a heads up. If your SXI3 boxes show strange behavior,
> quickly check uRPF.
> 
> Cya,
> 
> Bas
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list