[c-nsp] Drop rule at the end of CoPP conflicts with MAC learning

William McCall william.mccall at gmail.com
Thu Jul 4 16:34:33 EDT 2013 

Rolf--

I'd take a netdr capture and maybe an ELAM capture of the arp reply. If 
it doesn't show in the netdr, it was killed off in HW. ELAM *may* give 
you some additional insight.

Btw, are you running with DFCs? If so, the DFCs do the HWRL/CoPP from 
the HW perspective.

--WM

On 07/01/2013 07:44 AM, "Rolf Hanßen" wrote:
> Hi,
>
> If I had a support contract for that box I would open a tac case now. ;)
>
> kind regards
> Rolf
>
>> On 28/06/2013 17:55, "Rolf Hanßen" wrote:
>>> does not look like this is a general hardware version issue.
>> mmm, ok.  I would:
>>
>> - run a context diff on the configuration on each of these machines to
>> ensure that there are no syntactic differences
>>
>> - disable and then re-enable copp on the affected box to ensure that it's
>> reprogrammed correctly into the hardware (sometimes things get messed up
>> on
>> the way down to the line cards)
>>
>> - compare the output of "show mls rate-limit" on all machines
>>
>> - check your platform acl tcam capacity using "show platform hardware
>> capacity acl", to ensure that you still have some acl tcam space available
>> for your copp config.
>>
>> If this doesn't point towards a resolution, I'd open up a tac case.
>>
>> Nick
>>
>>
>>> But I found a box with the same hardware versions:
>>>
>>> Mod  Port Model              Serial #    Versions
>>> ---- ---- ------------------ -----------
>>> -------------------------------------
>>>    5    2  WS-SUP720-3B       ########### Hw : 5.3
>>>                                           Fw : 8.4(2)
>>>                                           Sw : 12.2(33)SXJ
>>>                                           Sw1: 20.1(1)SXJ
>>>            WS-SUP720          ########### Hw : 2.6
>>>                                           Fw : 12.2(17r)SX7
>>>                                           Sw : 12.2(33)SXJ
>>>            WS-F6K-PFC3B       ########### Hw : 2.3
>>>
>>> This box also works as soon as I enter "mls rate-limit unicast cef glean
>>> 500".
>>>
>>> kind regards
>>> Rolf
>>>
>>>>> Any further ideas except hardware failure, buggy software or "try
>>>>> rebooting it" ?
>>>> Could be a hardware issue.  As someone else mentioned (Phil?), this
>>>> particular feature is hardware revision dependent.
>>>>
>>>> What hardware versions are each of your SUP720s (show module)?
>>>>
>>>> Nick
>>>>
>>>>
>>>>
>>>
>>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list