[c-nsp] CEF Scanner Woe

David Freedman david.freedman at uk.clara.net
Mon Jun 21 13:05:59 EDT 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Have a GSR running 12.0(32)S14 with an E2 attached to a LAN, every time
IPv6 is enabled on the LAN and some traffic is routed through the
interface the card goes crazy with CEF scanner CPU (show alas, no show
ipv6 cef events command to assist)

A "debug ip cef scanner" on the linecard itself yields these strange
messages only when the incident is occuring:

SLOT 4:Jun 21 18:45:59 CEST: CEF: scanner triggered by tfib mac update
action trigger context GigabitEthernet4/1 - 254.128.0.0

SLOT 4:Jun 21 18:45:59 CEST: CEF: scanner triggered by tfib mac update
action wake

SLOT 4:Jun 21 18:46:00 CEST: CEF: scanner triggered by tfib action trigger

SLOT 4:Jun 21 18:46:03 CEST: CEF: scanner triggered by tfib mac update
action trigger context GigabitEthernet4/1 - 254.128.0.0

SLOT 4:Jun 21 18:46:03 CEST: CEF: scanner triggered by tfib mac update
action wake

SLOT 4:Jun 21 18:46:03 CEST: CEF: scanner triggered by tfib action trigger

SLOT 4:Jun 21 18:46:09 CEST: CEF: scanner triggered by tfib mac update
action trigger context GigabitEthernet4/1 - 254.128.0.0

SLOT 4:Jun 21 18:46:09 CEST: CEF: scanner triggered by tfib mac update
action wake

SLOT 4:Jun 21 18:46:09 CEST: CEF: scanner triggered by tfib action trigger


254.128.0.0 is the first 16 bits, the FE80 prefix (link local) as you
can see, hopefully this is only cosmetic corruption :)

Can't seem to find a bug in any of the S train which is like this,
interface config is as follows:

interface GigabitEthernet4/1
 description biglan
 ip address 10.0.0.1 255.255.252.0
 no ip redirects
 no ip directed-broadcast
 no ip proxy-arp
 no keepalive
 no negotiation auto
 ipv6 address 2001:DB8::1234:0:1/64
 ipv6 enable
 no ipv6 redirects
 ipv6 nd ra-lifetime 0
 ipv6 nd prefix default no-advertise
 ipv6 nd suppress-ra
 arp timeout 7200
 no cdp enable

I'd consider an upgrade, were this not a GRP-B box and knowing nothing
above 12.0(32)S15 has been compiled for GRP-B which is available from
CCO (and S15 caveats don't look wonderfully interesting other than the
security vulnerabilities which need to be upgraded for anyway)

Any help appreciated

- --

David Freedman
Group Network Engineering

david.freedman at uk.clara.net
Tel +44 (0) 20 7685 8000

Claranet Group
21 Southampton Row
London - WC1B 5HA - UK
http://www.claranet.com

Company Registration: 3152737 - Place of registration: England

All the information contained within this electronic message from
Claranet Ltd is covered by the disclaimer at
http://www.claranet.co.uk/disclaimer
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkwfm/cACgkQtFWeqpgEZrIjfACePv8wswasr2nIcO3T8tIQ8tpv
2f0An0N+a7zC5HdE8vuRVOoVUEsXGsJI
=vw0g
-----END PGP SIGNATURE-----

More information about the cisco-nsp mailing list