[c-nsp] Whats happens when TCAM is full on 7600/RSP720RSP-3CXL?
Saku Ytti
saku at ytti.fi
Fri Sep 18 07:17:44 EDT 2020
Hey,
> So in most cases it will look that way:
> #show mls cef exception status
> Current IPv4 FIB exception state = TRUE
> Current IPv6 FIB exception state = FALSE
> Current MPLS FIB exception state = FALSE
>
> And yes, the box will drop down to a few MBit of Traffic.
Not only that, but there are three possible configurable actions for
exception state, freeze (default), reset and recover. CTAC didn't know
what recovery does. Freeze means no updates are going to HW, so
understanding that it just affects prefixes not fitting HW is
incorrect, if label gets reprogrammed in software, HW retains old
information and you break your VPN security promise.
The correct configuration has 'reset' manually configured and box will
reload in loop until recovered. I.e. don't let it happen.
--
++ytti
More information about the cisco-nsp
mailing list