[c-nsp] OSPF flapping ME3400
Lukas Tribus
luky-37 at hotmail.com
Tue Dec 8 04:56:59 EST 2015
Hi!
> Hello everyone,
>
> We have some ME3400 switches that are doing OSPF. These work fine and have
> for a couple years now. However, if a link on them (100M) gets hit with a
> ddos attack, the switch will start OSPF flapping. This in turn causes all
> the others to do the same. Is there a way to dampen the flapping affect so
> that it does not cause a massive network outage?
Does the DDoS target a customer routed by this ME3400 or does the DDoS
target the ME3400 itself?
Do you have "show proc cpuc sort" from the DoS and in normal production?
Honestly, this sounds like the ME3400 would route in software. Any TCAM
warnings in the log? Do you use the correct sdm template?
Provide outputs:
show proc cpuc sort
show ip route summary
show log | inc TCAM
show sdm prefer
In case the SDM template is layer 2, switch to "default":
http://www.cisco.com/c/en/us/td/docs/switches/metro/me3400/software/release/12-2_55_se/configuration/guide/ME3400_scg/swsdm.html
Regards,
Lukas
More information about the cisco-nsp
mailing list