IPS messages on a 2811 router

Unanswered Question
Oct 4th, 2007
User Badges:

We have implemented IPS to monitor on a 2811 router...once this was applied to all the interfaces the router cpu went up to 99% and the customer started having issues...

I have attached a print screen from what the IPS was seeing...can anyone shed some light on what I can do to resolve these...


Thanks,


Joe




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Tim Armstrong Fri, 10/05/2007 - 03:32
User Badges:

I don't know about your screenshots, but...


We recently implemented the 5.x signature style to a 2821 router and drove cpu utilization to 100%. It turned out that by default all of the available signatures were enabled, and the router can't handle that. We ended up retiring all signatures and then returning signature groups of interest to service incrementally until our CPU utilization stabilized at about 20%.


Here's the document that eventually drove us:

http://www.cisco.com/en/US/products/ps6634/products_white_paper0900aecd805c4ea8.shtml

pay special attention to step 4.4.


Good luck!

Actions

This Discussion