[f-nsp] Odd CPU spikes on Jetcore BI4K, IP level
Jeroen Oldenhof
jeroen at cj2.nl
Wed Oct 15 05:27:38 EDT 2008
Bardo,
Could you check you CAM statistics on both your external as well as your
internal facing interfaces?
'show cam ip 1/1 stat'
And could it be that one of your customers is doing a large outbound
scan or something which largely traverses over this specific transit?
Such a scan performed from within our network at 100mbps line speed one
day nearly killed our entire network, while the CAM on several of our
BI4k´s was constantly saturated.
Best regards,
Jeroen Oldenhof
CJ2 Hosting
Bardo Cornelissen schreef:
> Hi folks,
>
> I'm facing an odd issue causing high CPU load on a Jetcore BI4K, with for
> what seems to be caused in a ip transit uplink.
>
> We are running BGP on multiple jetcore BigIrons. Now there are 3 border
> routers which each have an ip transit uplink. After some time (a day or
> sometimes more like a week) we see a high CPU load and it doesn't stop until
> we shutdown the BGP session with one of these carriers. So far we have seen
> 2 crashes which may have been caused by this.
>
> So we moved that carrier to a different router (same model), replaced the
> used SFP, upgraded the software on the router but nothing solves the
> problem. Also our carrier relocated the port to a complete different switch
> and router, but still no luck. My carrier double checked everything over and
> over and with their reputation it's most unlikely they would be failing
> here.
>
> Now the load is on IP level when issuing a 'sh proc cpu' command and NOT on
> the BGP level.
>
> I hope someone somehow has ever seen a situation alike and found the issue,
> or maybe has some recommendations on how to debug this. Maybe someone knows
> any additional configuration that may help me out here.
>
> The concerned config is:
> !
> vlan 20 name TRANSIT-BGP by port
> untagged ethe 1/1
> router-interface ve 20
> !
> interface ethernet 1/1
> route-only
> no spanning-tree
> sflow forwarding
> !
> interface ve 20
> ip address ???.???.???.??? 255.255.255.252
> no ip redirect
> ip arp-age 120
> !
>
> Thanks in advance for any help and efforts!
>
> Kind regards,
>
>
> Bardo Cornelissen.
> Caveo Internet BV
>
>
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp
>
More information about the foundry-nsp
mailing list