I currently am running a 7206 VXR running C7200P-SPSERVICESK9-M), Version 12.4(4)XD8.
This router has a gigabit connection to an upstream provider, and on an average day the utilization is about 100Mb in and 85Mb out, roughly 20k-30k pps on each.
Lately a web server we have has been getting DOS'ed, and the input from that gigabit connection spikes to around 110k-150k pps, and basically this cripples the router. I know that the Cisco literature says that the router should be able to handle 2million pps, but that does not seem to be the case. CPU spikes to 100 percent, causing the BGP sessions to flap etc, so it seems that the packets are hitting the CPU, but we are running cef, so not sure why so many are hitting the CPU.
Has anyone had experience or similar problems with the NPE-G2?
Not many policy's on the router, just an ACL on the gigabit interface to the upstream provider, as well as a few route maps with AS filters etc.
Not sure if its just the nature of the DOS that is killing my 7206 NPE-G2 or that those routers are just getting to be outdated now, and we may need to look to upgrading to the ASR series or a 7600, but I have no experience with the ASR's.
I haven't encountered the situation you describe, but if the problem is being caused by a DoS attack, perhaps IP/TCP options within the packet are forcing process switching. What's show process look like when this happens?
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...