Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
247
Views
0
Helpful
6
Replies

Urgent qestion. 7206VXR locks up for 10 sec at a time, drops BGP!!!

jasonhumes
Level 1
Level 1

‎01-23-2004 05:18 AM - edited ‎03-02-2019 01:06 PM

Hi

We've got a 7206VXR with NPE route processor. The problem we are seeing is that sometimes (as often as every 10 minutes, sometimes as long as 8 hours) the router will seem to lock up or stall temporarly, at which point the console stops responding and bgp routes start to exprire and then eventually drop out totally, untill the router comes back around again (which it does on its own after a few minutes, or seconds sometimes). Also, while this is happening, local routing seems to work just fine and the memory and CPU utilization are within normal limits. Any ideas. Thanks

Labels:
0 Helpful
6 Replies 6

ruwhite
Level 7
Level 7

‎01-23-2004 05:35 AM

It sounds like your TCP stack is being attacked in some way--a fin wait 1 or syn attack, maybe. I would look around for signs of this, or set up access lists blocking all tcp into the box other than from hosts you would telnet from and the bgp peer, and see if that helps, possibly.

:-)

Russ.W

0 Helpful

jasonhumes
Level 1
Level 1
In response to ruwhite

‎01-23-2004 06:01 AM

Sorry for the noob question, I know how to deal with this on a pix firewall, but on a router, how do I go about detecting this syn/fin attack and also, how could I mitigate the effects if that is what it turns out to be. I dont think I've got the firewall feature set on that router, which means that IP Inspect is out of the question. Thanks

0 Helpful

glen.grant
VIP Alumni
VIP Alumni
In response to jasonhumes

‎01-24-2004 01:03 PM

you could turn on ip route cache flow and take a look at the flows and see if there is a pattern or if there is a lot of traffic coming from one source .

0 Helpful

deilert
Level 6
Level 6

‎01-23-2004 05:45 AM

what code are you running ? We had a similar problem , all the interfaces would remain up up and not pass any data , the console would also lock up

0 Helpful

jasonhumes
Level 1
Level 1
In response to deilert

‎01-23-2004 05:56 AM

We are running ver 12.2.19...Any ideas?

0 Helpful

deilert
Level 6
Level 6
In response to jasonhumes

‎01-23-2004 06:28 AM

no sorry , this was happening to us on 12.0(7) T , we have not had any problems with 12.2(19) .

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents