[c-nsp] Sup720 dropping LDP neighbourships
Pete Lumbis
alumbis at gmail.com
Fri May 24 14:00:22 EDT 2013
Was it only LDP that dropped? Did you see any other control plane impact?
Were the timers the same? If multiple protocols had issues I'd think about
high CPU or a punt-path problem. If it's only LDP, I'd look at
interface/forwarding engine/fabric congestion for where the failed peers
are.
On Fri, May 24, 2013 at 9:46 AM, Grischa Stegemann <gs at plusline.de> wrote:
> Hi all
>
> Today we were facing a ddos attack with approx. 1.5 GBit/s and 3
> Mpackets/s. The traffic came in on a port of a 6704 and went out on
> another port of the same linecard.
>
> We have two annoying phenomena to deal with:
>
> 1. The 6509 is equipped with a Sup720-3BXL and DCEF on all linecards.
> During the attack it dropped all of its LDP neighbourships (actually
> they were flapping) although the CPU usage remained below 40% for most
> of the time and only went up over 50% at a very short peak not related
> to the LDP drops.
>
> What might have caused the dropping of the LDP neighbourships and what
> would one do to protect them?
>
> 2. On the outgoing interface we recorded a huge amount of output drops
> up to 60kpackets/s. The receiving router here is another Sup720 with
> 6704 but without DCEF.
> From my understanding 1.5GBit/s and 3Mpackets/s should be no reason to
> drop packets on a 10G link.
> So what might have caused these packets to get dropped?
>
> Thanks for any advice or hint,
> Grischa
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list