Are you sure this is actually fixed?

When entering the command:

mls rate-limit unicast cef glean 5000 250

I get:

12.2(18)SXF14 and 12.2(33)SXI3:  The following is sent the console only, but 
not logged:

%Packets requiring ARP resolution will be subject to the output ACLs of the 
input VLAN

12.2(33)SRD3:  The following is logged:

*Mar 27 07:08:50 EDT: %MLS_RATE-4-ENABLING_FIB_GLEAN_RECEIVE: Packets requiring 
ARP resolution will be subject to the output ACLs of the input VLAN

Seems to be an expected message:

http://www.cisco.com/cgi-bin/Support/Errordecoder/index.cgi?action=search&index=all&locale=en&query=MLS_RATE-4-ENABLING_FIB_GLEAN_RECEIVE&counter=0&paging=5&links=reference&sa=Submit

Previous messages from Sukumar in the Feb 2007 timeframe seemed to imply this 
was an issue with the PFC3B and could be fixed with the PFC3C.

Thanks
Chris

On Mar 25, 2010, at 4:20 PM, Rodney Dunn wrote:

> 
> 
> On 3/25/10 1:42 PM, Tim Durack wrote:
>> On Thu, Mar 25, 2010 at 12:22 PM, Rodney Dunn<[email protected]>  wrote:
>>> Yep...that's it:
>>> 
>>> Release-note
>>> ============
>>> 
>>> When a packet is destined to an next hop that doesn't already
>>> have an ARP entry, the packet needs to be punted from the hardware
>>> datapath up to the CPU.  When the glean adjacency rate-limiter is
>>> enabled, the egress security ACL (and egress QoS) of the ingress
>>> interface is applied on these punted packets.
>>> 
>>> The current workaround is to either relax the egress security ACLs
>>> of ports facing PCs/servers (ports facing only routers are not a
>>> problem since routing protocols guarantee that ARP entries always
>>> exist for routers), or disable the glean adjacency rate-limiter.
>> 
>> But it's fixed, right?
> 
> Yes. I didn't realize how long it had been so my memory isn't totally gone 
> yet. ;)
> 
> Rodney
> 
> 
>> 
>> CSCed75920 says:
>> 
>> Fixed-In
>> 12.2(17d)SXB1
>> 12.2(18)SXD
>> 
>> (I really want to police all ip at the end of my CoPP policy, and the
>> mls glean rate-limiter appears to allow me to do that.)
>> 
> _______________________________________________
> cisco-nsp mailing list  [email protected]
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

-- 
Chris Griffin                           [email protected]
Sr. Network Engineer - CCNP             Phone: (352) 273-1051
CNS - Network Services                  Fax:   (352) 392-9440
University of Florida/FLR               Gainesville, FL 32611




_______________________________________________
cisco-nsp mailing list  [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Reply via email to