Good morning all,
I'm stumped researching a slightly overloaded Supervisor 720 on one of
our aggregation devices. I've discovered that an access-list applied to
a SVI means denied packets are punted to the CPU. There's no log
statement. The packets have no IP options, TTL=64, DSCP=0x28 and frame
On Wed, 2012-08-29 at 11:17 +0200, Peter Rathlev wrote:
I'm stumped researching a slightly overloaded Supervisor 720 on one of
our aggregation devices.
...
Forgot to mention platform: WS-SUP720-3B revision 5.2 running
12.2(33)SXI1 Advanced IP Services. Traffic arrives tagged on a
WS-X6724-SFP.
[mailto:cisco-nsp-
boun...@puck.nether.net] On Behalf Of Peter Rathlev
Sent: mercoledì 29 agosto 2012 11:18
To: cisco-nsp
Subject: [c-nsp] Sup720 SVI ACL deny punted? (no logging)
Good morning all,
I'm stumped researching a slightly overloaded Supervisor 720 on one of our
aggregation devices
What are your mls rate limiters set for, including the no-route one?
Jared Mauch
On Aug 29, 2012, at 5:17 AM, Peter Rathlev pe...@rathlev.dk wrote:
Good morning all,
I'm stumped researching a slightly overloaded Supervisor 720 on one of
our aggregation devices. I've discovered that an
On Wed, 2012-08-29 at 11:09 +, Brian Turnbow wrote:
1 to generate an ip unreachable ? try disabling them on the SVI
Ahh, interesting idea. We have an ACL drop rate-limiter in place:
mls rate-limit unicast ip icmp unreachable acl-drop 200 10
When replacing this with ... acl-drop 0 the
On Wed, 2012-08-29 at 15:22 +0100, Phil Mayers wrote:
On 29/08/12 14:35, Peter Rathlev wrote:
If we know that the punting is limited to 200 pps it shouldn't matter
too much. I've tried simply removing the ACL to see if the CPU overload
disappears. But why would 200 pps even start making it