[c-nsp] Sup720, multicast bothers the CPU

John Neiberger jneiberger at gmail.com
Wed Mar 23 15:39:51 EDT 2011


Agreed. Just enable PIM. A *,G entry will be created with the Drop
flag set so that all that traffic will get dropped in hardware.
However, if you also have an RPF issue, those packets still get punted
to the CPU, in which case you'll need to turn on mls rate-limiting for
non-rpf multicast packets.

John

On Wed, Mar 23, 2011 at 8:47 AM, Chris Evans <chrisccnpspam2 at gmail.com> wrote:
> Peter. Yes just enable igmp snooping and querier.  Easier way is to enable
> pim which does the rest.  Traffic that has a low ttl of one will still get
> punted to the CPU..
> On Mar 23, 2011 5:18 AM, "Peter Rathlev" <peter at rathlev.dk> wrote:
>> On Wed, 2011-03-23 at 09:04 +0000, Phil Mayers wrote:
>>> If you just want to drop all multicast, you could try:
>>>
>>> int VlanXX
>>> ip multicast boundary MULTICAST-drop
>>> ip access-list standard MULTICAST-in
>>> deny 224.0.0.0 15.255.255.255
>>
>> Would that also discard forwarding of multicast packets L2-wise? Or only
>> L3-wise?
>>
>>> Is the sender attached directly to a port on the 6500? There are some
>>> newer features related to layer2 (as opposed to layer3) multicast ACLs
>>> in SXH/SXI.
>>
>> The devices in question are not directly connected, but some might be in
>> the future.
>>
>>> > The box in question does not have any multicast configuration at all.
>>> > Does this mean all multicast traffic is sent to the CPU? How would one
>>> > configure a Sup720 to not punt every multicast packet to the CPU?
>>>
>>> There are also mls rate-limiters for this, but I'm not sure off the top
>>> of my head which one you want - we have multicast configured so don't
>>> need them (the box builds hardware mfib entries, which stops the CPU
> punts)
>>
>> That has me interested: What can I configure to make the traffic
>> hardware swithed? Is it as simple as an IGMP querier or something like
>> that?
>>
>> --
>> Peter
>>
>>
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>



More information about the cisco-nsp mailing list