High CPU

Unanswered Question
Dec 11th, 2008
User Badges:

I had a 6500(SUP720) running high CPU over a 72 hr period. TAC engineer gave the below fix under all SVI on the switch.


Can you expain the below commands which fixed this issue.



interface vlan 1

no ip unreachable

no ip redirects

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
lejoe.thomas Thu, 12/11/2008 - 15:25
User Badges:
  • Silver, 250 points or more

hi Colm


no ip redirects

disables sending ICMP redirect messages, if a device has to resend the packet through the same interface it was received. Eg: R1 and R2 are two routers on the same segment, Host A sends a packet to R1, R1 has to forward the packet out to R2 over the same interface through which it received the packet from Host A. So it sends an ICMP redirect message to host A informing it of better path to the destination in the future.


no ip unreachable

disables sending ICMP unreachable messages. sending out icmp unreachable messages can help in mapping out a network topology, it can also be used to perform dos attacks, in which cpu resources is expended.



HTH


Lejoe


Actions

This Discussion