On 11/02/13 14:30, Jared Mauch wrote:
On Feb 11, 2013, at 9:17 AM, Phil Mayers <[email protected]>
wrote:
All,
Does anyone know which knob controls the "only send 1 ICMP redirect
/ sec" on an HSRP-enabled SVI on 6500/sup720 (SXJ IOS)? Is there a
"show" command for the defaults / current setting?
Note: I am not talking about the redirect MLS rate-limiter here;
that's disabled. I'm seeing constant traffic flowing and would
expect constant ICMP redirects, but that's not happening - they're
coming at regular 1-second intervals, regardless of the underlying
packet arrival rate.
This may be some limiter similar to that which first showed up in
Solaris 2.6 for the icmp error rate.
Probably, but I'm hoping for some documentation on how it works. If I'm
reading it right, it looks like the forwarding hardware is forwarding
the packets, and only punting 1/sec to CPU.
I know that we always turn off IPv4 and IPv6 redirects to avoid even
generating them. It's typically best used with the "ip route-ca
same-interface" command.
It's another one of those "no ip proxy-arp" commands - sup720 is slow
enough that yet more commands in the NVGEN is something I'd like to
avoid. Oh for a globals/templating.
If folks want to hairpin traffic, that's fine.. just want to prevent
slowing it down.
Sure; the background is I'm troubleshooting some weird problem with a
legacy connection configured like so:
6500 --- subnet1 --- Cisco 3600 --- subnet2 --- host2
|
host1
...and host1 <-> host2 traffic failing under certain circumstances.
Needless to say, host1 has the 6500 as its gateway (and the SVI is HSRP
enabled, to add to the complexity).
We'll probably move away from the config, but I'd like to understand the
nature of the problem first, rather than cargo-cult it, and this weird
"only one redirect/second" is confusing me...
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
