It turns out it is some bug with adding this single entry into a long ACL. Once
we did a rebuild of the ACL (no access list foo then access-list foo) all worked
fine. The single ACE entry was added about two weeks ago, and just last week
someone decided to poke at port 19, and that's when we saw the CPU spike.


I have a ticket open with Cisco to let them know.


Thanks for all the help.


Jeff F.


On Aug 27, 2012, at 6:38 PM, Phil Mayers wrote:

> Puzzling. I assume ttl!=1? Any ip options or peculiar-looking layer2 header?
> 
> Long shot but do you have the relevant "no service" commands in your config?
> 
> From the terminology I assume you're on sup720 / 6500-ish hardware? Does "sh 
> tcam" on ingress interfaces look ok?
> 
> Exact platform / software version?
> -- 
> Sent from my phone. Please excuse brevity and typos.


_______________________________________________
cisco-nsp mailing list  [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
