Did you ever resolve this? I have a customer with similar problems, and I *think* I've narrowed it down to worm-infected clients trying to infect random addresses (leading to LOTS of new flows having to be routed by the CPU).
As I would... unless they were CaTV broadband customers - I have no desire to instill into them the notion that I am available around the clock for support... or take any responsibility whatsoever for their antivirus solutions... :-)
Waving with my customer's AUP might do the trick, though, but as their staff is 1.5 people, I don't think they care much for spending time waving...
However... I DO suspect a middlebox (NetIntact PacketLogic) is doing some sending of gratuitous RSTs... meaning that even updated Windows machines' maximum-connection-per-host is thwarted. I so do NOT like middleboxes (esp. since I didn't sell it in the first place)...
Not that he knows of. Broadband customers - individuals/households as well as commercial (problems most severe at night, when the commercial customers don't do much, so it shouldn't be them). But you tickled my curiosity. Why?
More info: The network is a mini-MAN in a town with almost exactly 10000 residents. The 3750 cluster is the core L3 equipment, access layer is L2 switches.
We MAY be oversubscribing the TCAM, as we have almost a hundred VLANs running L3 (as opposed to the 8 in the example in the sdm template). On the other hand, 100 / 8 = 12.5 and we are nowhere near 12.5 times the numbers supported by the template. We more or less only have a default gateway (upstream ISP) and then each directly connected VLAN.
Also, I feel I would see interrupt load then (as CEF in CPU would show as CPU load), not IP Input. Right?