The thing is that packets seems to come to VLAN 41 and should go out of the same inteface. When this happens router tries to generate ICMP redirect. I guess you "no ip redirect" configured on VLAN41. That stops router from sending ICMP redirect itself however due to ASIC logic it still sends those packets to CPU even is ICMP redirect are blocked.
So youy may need to check 2 things:
- check if VLAN 41 has "no ip redirects" configured. Add it if that was not.
- check your design to stop packets from entering and leaving smae L3 interface
ACL is not a problem - you need to check routing "show ip route" for these destinations:
If the destination is same VALN 41 then that explains why packets getting to CPU. They are received and sent out of the same L3 interface. Router is designed to send ICMP redircect and send copy of each such packet to CPU. Even with no ip redirect configured packets are still sent to cpu according to HW design.
You need to change your netwrok design to avoid these packets to come to this switch if those really coming and leaving on same VLAN 41.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...