[c-nsp] NBAR on SVI on 7600 w/ Sup720
Alex K.
nsp.lists at gmail.com
Tue Jan 22 04:47:19 EST 2013
Hi Oliver,
Exactly - not supported. It implies that *if it works (not on SIP-200), it
must be software'.
I came across this document before I sent the question. As it seems, that
what I'll use.
I'm looking for a document that say implicitly 'NBAR implementation is
software based' to be sure we didn't run into some sort of
bug/mis-configuration.
Thank you.
Best Regards,
Alex.
On Jan 22, 2013 8:04 AM, "Oliver Boehmer (oboehmer)" <oboehmer at cisco.com>
wrote:
> Alex,
>
>
> On 22/01/2013 01:19, "Alex K." <nsp.lists at gmail.com> wrote:
>
> >Hi Pete,
> >
> >We're running 12.2(33)SRA6.
> >
> >
> >On SIP-200 it's running fine (as expected). Configuring
> >NBAR-using-policy-map on an *SVI*, causes high CPU Interrupts.
> >
> > I do believe it's being punted to a CPU.
> >
> >But this time I need a document that clearly states that i.e. on SIP-200
> >by hardware, on SVI by software and this is not a bug/some other
> >malfunctioning.
> >
> >I'm asking for a document from which we can understand that, yes, using
> >NBAR on an SVI will make those packets punted. Technically I agree with
> >you
> >completely, most likely that¹s what happening.
>
>
> http://www.cisco.com/en/US/docs/routers/7600/ios/15S/configuration/guide/qo
> s.html says "The PFC does not support Network-Based Application
> Recognition (NBAR).", this is valid for earlier SW releases as well. So
> your config on the SVI is not supported.
>
> SIP200 Datasheets clearly state NBAR support.
>
> oli
>
>
More information about the cisco-nsp
mailing list