[c-nsp] One Cat6k/Sup2T is software switching, its identical partner is not
Matthew Huff
mhuff at ox.com
Mon Apr 20 10:06:46 EDT 2015
Haven't followed this thread too carefully, so I apologize if I duplicated anyone's suggestion:
Have you checked for:
1) Are these systems setup for NHRP (hsrp, glbp, vrrp)? If so, is the box that is having the issue the active node?
2) Are you running PIM? Is this box the DR?
3) Have you checked to see if there is traffic headed to the box, rather than through it that is causing the issue?
----
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-694-5669
-----Original Message-----
From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Sander Steffann
Sent: Monday, April 20, 2015 9:44 AM
To: Jeroen van Ingen
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] One Cat6k/Sup2T is software switching, its identical partner is not
Hi,
> On 04/19/2015 06:08 AM, Mack McBride wrote:
>> Are all of the acls the same on both boxes?
>> It almost sounds like one box had a tcam explosion due to differing ACLs.
>
> Yes, ACLs are 100% identical, I've paid extra attention to that when I vimdiff'd the configs.
Are you using the LI (Lawful Intercept) features on those boxes? LI makes the TCAM for ACLs explode, possibly multiple times if it thinks ACLs are not identical between ports. This is likely to happen when the ACL changes.
Cheers,
Sander
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list