We have within the last week noticed high CPU due to packets with DST of port 19 (chargen ) but NOT DST IP of router, being punted to CPU.
We set up monitor port with SRC of RP CPU and both directions and can clearly see constant stream of DST port 19. We can't just block SRC IP or PORT since they are random and probably from BOTs on bogus devices. On the router port towards our campus, we have an ACL OUTBOUND that drops ( no logging ) for any DST port of 19. Since the packets are only being sent to hosts on campus and NOT the router itself we see no reason for the packets to be punted to CPU. Any ideas? What am I missing? Jeff Fitzwater OIT Network Systems Princeton University _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
