I'm troubleshooting a problem with high CPU on a 6500/Sup720. On a 6348-RJ45 port, I see a huge increase in processed switched packets when the problem occurs. I sniffed the port and found the device that is sending the packets. It is sending a lot of packets with TCP RST or SYN set.
CEF is enabled on the interface:
IP fast switching is enabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is enabled
IP Feature Fast switching turbo vector
IP Feature CEF switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Here is a sh int fax/x stats (partial):
Switching path Pkts In Pkts Out
Processor 260811987 248046300
Route cache 1879677 29586145
Distributed cache 175439083 424739039
Total 438130747 702371484
What's the difference between Route cache and Distributed cache anyway? I thought Route cache was both fast switching and CEF. This card doesn't have a dCEF card or anything. Not sure why there are Distributed cached processed packets occuring.
When the problem occurs the Proccessor switching path Packet count increases at a very rapid rate. Also packets/sec from sh int x/x on the interface goes up to like 6000 (when the problem is not occuring the packets/sec on the interface is about 2000 or so).
So it would seem that the packets coming from that device are being processed switched instead of CEF switched.
Here is the port config:
ip address x.x.x.x y.y.y.y
ip access-group zzz in
no ip unreachables
ip accounting access-violations
ip nat outside
no cdp enable
Here is sh int x/x switching (partial):
Protocol Path Pkts In Pkts Out
IP Process 457887522 441288181
Cache misses 0
Fast 3133511 39485080
Auton/SSE 228967480 676483245
Here we see Auton/SSE (which I believe are CEF switched packets) and a lot of Process switched packets.
I've been trying to research what types of packets are processed switched. So far I've found that NAT supports CEF switching in newer version of IOS (I'm running the latest 720 code). I've been trying to find info on CEF switching and ACLs but haven't had much luck.
So I know what is causing the issues-Flooding of TCP packets with RST or SYN bits set from a device on the LAN out that fastE interface. This device is supposed to do this (don't ask). I'm just trying to figure out why all those packets are processed switched instead of CEF-switched. The packets are from a device on the LAN to the 6500 out of the above fastE port.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.