Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
464
Views
0
Helpful
1
Replies

7206 VXR NPE-G2 pps

Jasonch518_2
Level 1
Level 1

‎09-29-2008 07:25 AM - edited ‎03-03-2019 11:43 PM

Hello,

I currently am running a 7206 VXR running C7200P-SPSERVICESK9-M), Version 12.4(4)XD8.

This router has a gigabit connection to an upstream provider, and on an average day the utilization is about 100Mb in and 85Mb out, roughly 20k-30k pps on each.

Lately a web server we have has been getting DOS'ed, and the input from that gigabit connection spikes to around 110k-150k pps, and basically this cripples the router. I know that the Cisco literature says that the router should be able to handle 2million pps, but that does not seem to be the case. CPU spikes to 100 percent, causing the BGP sessions to flap etc, so it seems that the packets are hitting the CPU, but we are running cef, so not sure why so many are hitting the CPU.

Has anyone had experience or similar problems with the NPE-G2?

Not many policy's on the router, just an ACL on the gigabit interface to the upstream provider, as well as a few route maps with AS filters etc.

Not sure if its just the nature of the DOS that is killing my 7206 NPE-G2 or that those routers are just getting to be outdated now, and we may need to look to upgrading to the ASR series or a 7600, but I have no experience with the ASR's.

Thanks for any input.

Labels:
0 Helpful
1 Reply 1

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎09-29-2008 10:21 AM

I haven't encountered the situation you describe, but if the problem is being caused by a DoS attack, perhaps IP/TCP options within the packet are forcing process switching. What's show process look like when this happens?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card