[c-nsp] Temporarily disable all forwarding on ASR9K

Pete Lumbis alumbis at gmail.com
Wed Aug 14 21:43:35 EDT 2013 

This raises a good point.

Is the goal to simulate a black-hole that could be seen with an incorrect
adjacency, where control plane is healthy but data plane is broken, or is
the goal to simulate taking this device offline?

Do we care about carrier on the interfaces?


On Wed, Aug 14, 2013 at 6:19 PM, arulgobinath emmanuel
<arulgobi at gmail.com>wrote:

> null0 doesn't cause the NHRP to trigger IMHO  this will be a disaster  .
> shut / no shut is the easiest but it doesn't simulate the whole part.
> real test comes when the modules crash when reloading specially after
> couple of years... :)
> what if we copy a empty config ??? and rollback the config ? i didn't test
> this anyway .
>
>
> On Wed, Aug 14, 2013 at 10:13 PM, Pete Lumbis <alumbis at gmail.com> wrote:
>
>> Copy/paste a bunch of null0 routes?
>>
>> deny any acls on interfaces?
>>
>>
>> On Wed, Aug 14, 2013 at 10:54 AM, John Neiberger <jneiberger at gmail.com
>> >wrote:
>>
>> > We need to upgrade some ASR9Ks that have a lot of connected devices with
>> > complex interrelationships and we have to do a lot of work to make sure
>> all
>> > the correct redundancy is in place prior to the upgrade. Since the
>> router
>> > takes so long to reload, I'd like to find a way to essentially simulate
>> the
>> > loss of forwarding for a minute or so to verify that our redundancy
>> > preparations were thorough, but I need to be able to back out of it
>> > quickly. I thought about shutting down the linecards but that's still a
>> > fairly long restart. I'm hoping to find some method much faster than
>> that.
>> >
>> > The simplest and most straightforward way is to shut down all the
>> > interfaces manually and then rollback if necessary. We can take it out
>> of
>> > routing by setting the overload bit in ISIS, but that still leaves
>> routing
>> > and forwarding in place for locally connected interfaces, which is what
>> we
>> > want to stop. We were tossing around some ideas and wondered, probably
>> just
>> > academically, if there were a way to completely stop forwarding
>> > temporarily.
>> >
>> > Is there a way to disable forwarding through an ASR9K that is easily and
>> > quickly reversible? We'll probably do the interface shutdown method
>> since
>> > it's so simple, but now I'm curious what other options might be
>> available.
>> > _______________________________________________
>> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> > https://puck.nether.net/mailman/listinfo/cisco-nsp
>> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>> >
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>
>

More information about the cisco-nsp mailing list