hi Edison,

that was my first thought, but I checked the configurtion and no, only one GRE tunnel is active and it use the loopback interface as source:

interface Loopback0

ip address y.y.y.y

!

interface Tunnel11

ip address x.x.x.x

ip mtu 1450

keepalive 10 3

tunnel source Loopback0

tunnel destination z.z.z.z

tunnel path-mtu-discovery

You mentioned you aren't fragmenting the packet but I see the mtu set to 1450. You will definitely encounter packets greater than that as the default on ethernet is 1500, unless you have an intermediate device fragmenting the packet for your before it gets to this device, packet fragmentation will occur.

This may be the reason for the CPU hit, fragmented packets go in Software, not Hardware.

Can you also post the IOS version?

__

Edison.

Hi,

yes we're using IP MTU 1450 on GRE tunnel and PMTUD protocol works fine, I see that the size of packets originating from the source hosts, which generate the most load on GRE tunnel, is not more then 1414 bytes (if I sniff directly on those hosts) and a lot of "TCP window update" (66 bytes), but on the sniff from SUP720's CPU I have a lot of packets with size of 70 bytes (4 bytes for GRE header?) but not all, eg. directly on host I can see ~10 TCP updates packets, and on SUP720 only 2 or 1 from those 10.

IOS 12.2(18)SXF7, RELEASE SOFTWARE (fc1)

How can I reduse the number of generated "TCP update packets"?

The 6500 is telling those hosts to reduce the packet size via ICMP. As a test, try to create a flow between two end-devices on the same segment. Take a trace and you will see 1500 sized packets.

Perhaps what you are seeing is the host reducing the packet size to fit on the GRE tunnel. I wonder if this process is causing a CPU load.

__

Edison.

>Perhaps what you are seeing is the host

>reducing the packet size to fit on the GRE

>tunnel. I wonder if this process is causing

>a CPU load.

it seems that the "TCP update" are processed by CPU on SUP720. because I got a lot of them.