[c-nsp] Reasons for "random" ISIS flapping?

[Peter Rathlev]

On Wed, 2013-08-07 at 12:37 +0200, Peter Rathlev wrote:
> I've started recording the RP traffic. Unfortunately I can't do a local
> capture of this traffic, so I have to resort to ERSPAN. Which is fine
> except if the device actually loses connectivity shortly when
> experiencing this.
> 
> I'll wait with adjusting anything until next time I see the problem,
> hoping that I can come closer to a reason.

As a follow up, the next time it happened we had a look at the traffic
sent to the RP CPU and could see a flood of multcast packets destined
for 239.255.255.253 from a remote host. The traffic is forwarded by the
primary router connected to this VLAN (where the affected device is a
standby router) and hits the affected device on the LAN side.

It was an error that this traffic could traverse the network at all, but
technically someone could do this locally. The affected device has "mls
rate-limit multicast ipv4 connected 500 50" which I would have guessed
would actually limit what the CPU receives. I didn't seem to though, so
what am I doing wrong? :-)

As far as I remember CoPP can't help with multicast traffic in hardware.
Is it one of the other mls rate-limiters I need?

-- 
Peter