[f-nsp] BigIron 4000 and Full Internet Table
Gunther Stammwitz
gstammw at gmx.net
Thu Oct 12 12:28:53 EDT 2006
Hello Gerald,
Why it is true that those system will most probably melt down during a dos
there are no problems during normal operations:
On a B8GMR3 (so this really is an old M3 and not even a M4) three full bgp
views and about 30 ebgp-peers are no problem at all: show memory
Total DRAM: 268378112 bytes
Dynamic memory: 243212284 bytes total, 60750176 bytes free, 75% used
BGP memory: 83671000 bytes (34%) used from dynamic memory
The cam is a little bit low during peak hours as you can see below:
show cam ip 1/1 stat
CAM IP statistics: free entries total entries
level1: 654 8192
level2: 1644 2048
level3: 2010 2047
The use ip net-aggregate and a shorter interval like 5 can resolve this
problem.
Okay.. During a dos from inside your network that targets many many
different destinations on the internet the cam will most probably get
exhausted and if that happens the cpu is being utilized. This is not
necessarily bad but as soon as there too much load packets will get dropped
and the bgp-scheduler might be unabl to respond to keepalive requests and so
on which is not a good thing (tm).
Gunther
> > am hearing issues regarding the flows causing CPU to increase.
>
> Ok, that's a complete different thing and where discussed
> here more than one time before: such systems will melt down
> when flows growing up (e.g.(d)DOS's) because of the lack of
> enough CAM space.
>
> --
> Gerald (ax/tc)
More information about the foundry-nsp
mailing list