[f-nsp] BigIron 4k with JetCore

Jeroen Wunnink jeroen at easyhosting.nl
Mon Jul 14 11:41:49 EDT 2008 

Hi Brendan,

The first 4 ports on slot 3 look fairly loaded:

Layer 3 sw index range:
   L3 L3 1 - 2047        (0x00001 - 0x007ff), free 1964 (0x007ac)
   L3 L2 2048 - 4095     (0x00800 - 0x00fff), free 1118 (0x0045e)
   L3    4096 - 32767    (0x01000 - 0x07fff), free 13172 (0x03374)

Is this a snapshot of peak-time or at low usage ?, if there's a 
sudden surge with for example a synflood which makes a ton of 
connections, those 13000 remaining free L3 entries can run out pretty 
fast resulting in the router throwing the L3 routing part over the 
CPU (that's when the domino effect starts happening on connections 
getting lost once the CPU maxes out)

Some ideas:
You could set the cam-partition on slot 3 to allocate more space to 
layer 3 (L3) and less to layer 2 (L2) if you don't use it much for 
switching. The minimum for L4 is a mandatory 25% though.

enable the quick-aging option with the cpu-protection feature, which 
cuts the cam expire timer in half if the CPU or CAM load is over a 
certain threshold. (you can set some conditions and actions here)

Devide the busiest uplinks between more port groups

I've seen our L3 CAM space run out very fast once the maximum 
ip-cache hit it's limit, check if the system-max is set to 400000 for 
the ip-cache

note: You'll need to reload the device once you re-partitioned the 
cam or increased the system-max settings

We've had our fair share of CPU spikes and CAM exhaust issues in the 
past on our Irconcore and Jetcore BI4k equipment , these were the 
main issues and solutions that solved it for us with some help from 
Foundry TAC and NLNOG'ers (Dutch network admins)


At 16:36 14-7-2008, Brendan Mannella wrote:
>Here is a copy and paste of the "sh cam-part det". Does it look exhausted?
>[snip..]



Met vriendelijke groet,

Jeroen Wunnink,
EasyHosting B.V. Systeembeheerder
systeembeheer at easyhosting.nl

telefoon:+31 (035) 6285455              Postbus 48
fax: +31 (035) 6838242                  3755 ZG Eemnes

http://www.easyhosting.nl
http://www.easycolocate.nl

More information about the foundry-nsp mailing list