01-11-2008 12:02 AM - edited 03-03-2019 08:13 PM
Hi,
we have some problem with GRE traffic which is processed by CPU and not by CEF.
In sniffed packets I can see a lot of "TCP window update" packets.
I found that some kind of GRE traffic are forwarded to CPU, like packets with IP options or TTL=0 but non of those are seen in the sniffed packets.
01-14-2008 08:35 AM
hm,
I think I found it.
we use the PBR for forwarding ome traffic (with private IP addresses) via GRE tunnel and what I found:
----------------------------
The Policy Feature Card (PFC) and any Distributed Feature Cards (DFCs) provide hardware support for policy-based routing (PBR) for route-map sequences that use the match ip address, set ip next-hop, and ip default next-hop PBR keywords.
When configuring PBR, follow these guidelines and restrictions:
-The PFC provides hardware support for PBR configured on a tunnel interface.
-The PFC does not provide hardware support for PBR configured with the set ip next-hop keywords if the next hop is a tunnel interface.
------------------------------------
it seems that the CPU load was not caused by GRE traffic itself, but it was caused by PBR process which forward the traffic to the GRE tunnel.
I'd be appreciate if somebody could confirm this or explain in more details.
05-21-2013 10:00 PM
Hi Konastanin,
Thank you for your post. It helped to resolve an issue.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: