[c-nsp] Best practices for Cat6500

Robert Hass robhass at gmail.com
Mon Nov 1 06:00:05 EDT 2010 

Hi

I'm looking for best practices for configuring few features on
Cat6500/Sup720 (running IOS SXI4a). This machine is mainly acts as
edge switch (a lot of VLANs, a lot of GE ports to customers and other
our switches) and edge router (BGP full-feeds, EIGRP for backbone).

1) mls rate-limit

My current configuration only consist few rate-limiters:

mls rate-limit unicast ip rpf-failure 300 30
mls rate-limit unicast ip icmp unreachable no-route 300 30
mls rate-limit unicast ip icmp unreachable acl-drop 300 30
mls rate-limit unicast ip errors 300 30

Should I consider to configure more mls rate-limiters ?

I would like to implement 'mls rate-limit layer2 pdu'. How I can check
how many layer2 pdu packets are coming to RP ? And SNMP Oid or CLI
command to show this ?

2) CPU Usage

After upgrade from IOS SXH6 to IOS SXI4a I see more cpu usage -
sometimes EIGRP peers flaps and HSRP failover. I've got full BGP
convergence after reload in 13 minutes. Earlier on SXH I've got the
same in eg. 9 minutes and there wasn't any problems with HSRP/EIGRP
flapping. Anything interesting change on SXI4a release comparing to
SXH ? I noticed only 32-bit ASN which caused a lot more of
update-groups - few customer and iBGP peers doesn't support 32bit ASN
so they moved to separate update-groups.

3) Automatic BGP refresh

When I change something in route-map for inbound BGP prefixes I
noticed that Cat6500 automatically refresh inbound BGP router
(automatically doing something like clear ip bgp x.x.x.x in). Is is
new feature in SXI4a ?

4) NetFlow only for packets going to RP/SP

Is any way to export NetFlow (v5 or v9) information for packets coming
to RP/SP only ? I would like to check whats coming to software
switching by RP/SP for develop control-plane policing are decrease CPU
usage for eg. ICMP traffic.

5) Supervisor Redundancy

I would like to add redundant Sup720. Is IOS automatically will switch
to second Supervisor when primary :
a) Will crash (software error/bug)
b) Will fail (hardware failure)

In my configuration I'm using old classic bus cards (3 x WS-X6408A-GBIC).

Regards,
Robert

More information about the cisco-nsp mailing list