[f-nsp] Layer 2 packet forwarded in hardware(PP)
Eldon Koyle
ekoyle+puck.nether.net at gmail.com
Thu Sep 13 10:23:06 EDT 2018
Have you tried running dm pstat? It can sometimes help identify the type
of traffic causing issues. First run is a throwaway, it shows counts since
the previous run.
I think dynamic arp inspection can still run without any L3 configured. It
is also possible that you have some kind of hardware entry that is
flip-flopping (duplicate MAC, some kind of multicast, etc.) or a lot of
broadcast/unknown unicast traffic. Also, multicast is treated like
broadcast if you don't enable igmp snooping, which will eat CPU.
It would take an insane amount of ARP traffic to generate that much load on
the lp cpu, so that may be a red herring.
--
Eldon
On Thu, Sep 13, 2018, 05:58 Franz Georg Köhler <lists at openunix.de> wrote:
> On Mo, Sep 10, 2018 at 08:22:19 -0600, Eldon Koyle <
> ekoyle+puck.nether.net at gmail.com> wrote:
> > You can enable cpu-protection on the vlan IIRC, I don't remember all the
> > caveats; definitely look at the manual before enabling.
>
> Also with CPU protection enabled on the VLAN I see packets hitting the
> CPU with "reason: Layer 2 packet forwarded in hardware(PP)".
>
> Therefore, I still wonder what does that mean exactly: Why is the packet
> hitting CPU if it is being forwarded in hardware?
>
>
>
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20180913/469ae87b/attachment.html>
More information about the foundry-nsp
mailing list