7206 VXR NPE-G2 pps

Sep 29th, 2008

Hello,


I am currently running a 7206 VXR running (C7200P-SPSERVICESK9-M), Version 12.4(4)XD8.


This router has a gigabit connection to an upstream provider, and on an average day the utilization is about 100Mb in and 85Mb out, roughly 20k-30k pps on each.


Lately a web server we have has been getting DoS'ed, and the input from that gigabit connection spikes to around 110k-150k pps, and basically this cripples the router. I know that the Cisco literature says that the router should be able to handle 2 million pps, but that does not seem to be the case. CPU spikes to 100 percent, causing the BGP sessions to flap, etc., so it seems that the packets are hitting the CPU, but we are running CEF, so I'm not sure why so many are hitting the CPU.


Has anyone had experience or similar problems with the NPE-G2?


Not many policies on the router, just an ACL on the gigabit interface to the upstream provider, as well as a few route maps with AS filters, etc.


Not sure if it's just the nature of the DoS that is killing my 7206 NPE-G2 or that those routers are just getting to be outdated now, and we may need to look to upgrading to the ASR series or a 7600, but I have no experience with the ASRs.


Thanks for any input.

Joseph W. Doherty Mon, 09/29/2008 - 10:21

I haven't encountered the situation you describe, but if the problem is being caused by a DoS attack, perhaps IP/TCP options within the packet are forcing process switching. What does show process look like when this happens?
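
An added example, not part of either post: one way to read the output the reply asks for. In IOS `show processes cpu`, the header's second figure is interrupt-level CPU (where CEF-switched traffic is handled) and the remainder is process-level, so the split shows whether packets are being punted. The router output below is constructed, and the `busy` and `share` thresholds are assumptions.

```python
import re

# Constructed sample of IOS `show processes cpu sorted` output (not from the thread).
SAMPLE = """\
CPU utilization for five seconds: 99%/12%; one minute: 97%; five minutes: 90%
 PID Runtime(ms)   Invoked      uSecs   5Sec   1Min   5Min TTY Process
 105    48211932  91823344        525 78.31% 75.10% 70.02%   0 IP Input
 172     3921844   2291823       1711  6.15%  5.90%  5.11%   0 BGP Router
  48      912344   8812311        103  1.20%  1.18%  1.02%   0 Net Background
"""

HEADER = re.compile(r"five seconds: (\d+)%/(\d+)%")
ROW = re.compile(
    r"^\s*(\d+)\s+\d+\s+\d+\s+\d+\s+([\d.]+)%\s+[\d.]+%\s+[\d.]+%\s+\d+\s+(.+?)\s*$"
)

def parse(text):
    """Return (total %, interrupt %, [(process, 5-second %), ...] high to low)."""
    m = HEADER.search(text)
    if not m:
        raise ValueError("no 'CPU utilization for five seconds' line found")
    total, intr = int(m.group(1)), int(m.group(2))
    procs = []
    for line in text.splitlines():
        r = ROW.match(line)
        if r:
            procs.append((r.group(3), float(r.group(2))))
    procs.sort(key=lambda p: p[1], reverse=True)
    return total, intr, procs

def classify(text, busy=80, share=0.5):
    """Label where the CPU time goes; busy and share are illustrative thresholds."""
    total, intr, procs = parse(text)
    if total < busy:
        return "not-saturated"
    process_level = total - intr  # CPU spent outside the interrupt switching path
    if process_level >= total * share:
        # IP Input is the IOS process that handles process-switched IP packets.
        top = procs[0][0] if procs else "unknown"
        return "process-switched:" + top
    return "interrupt-switched"

if __name__ == "__main__":
    print(classify(SAMPLE))
```

A `process-switched:IP Input` result is consistent with the reply's hypothesis that packets are being punted out of the CEF path; `interrupt-switched` would instead mean the fast path itself is saturated.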
