nanog mailing list archives
Re: Cisco uRPF failures
From: Sam Stickland <sam_mailinglists () spacething org>
Date: Sun, 07 Sep 2008 09:36:45 +0100
Jo Rhett wrote:
That's the surprising thing -- no scenario. Very basic configuration. Enabling uRPF and then hitting it with a few gig of non-routable packets consistently caused the sup module to stop talking on the console, and various other problems to persist throughout the unit, ie no arp response. We were able to simulate this with two 2 pc's direction connected to a 6500 in a lab. If I remember right, we had to enable CEF to see the problem, but since CEF is a kitchen sink that dozens of other features require you simply couldn't disable it.
Definately sounds like it could be a problem - I'd like to try and replicate this. What do you mean by non-routable traffic - traffic whose destination has no route (I assume you are running defaultless), or traffic that fails the uRPF check?
And correct me if I'm wrong but I thought you can't disable CEF on the 6500 platform?
hs-6513-1#conf t Enter configuration commands, one per line. End with CNTL/Z. hs-6513-1(config)#no ip cef % Incomplete command. hs-6513-1(config)#no ip cef ? accounting Enable CEF accounting distributed Distributed Cisco Express Forwarding event-log CEF event log commands interface CEF linecard commands linecard CEF linecard commands load-sharing Load sharing nsf Set CEF non-stop forwarding (NSF) characteristics table Set CEF forwarding table characteristics traffic-statistics Enable collection of traffic statistics hs-6513-1(config)#no ip cef distributed %Cannot disable CEF on this platform hs-6513-1(config)#exit hs-6513-1#sh version | inc IOSIOS (tm) s72033_rp Software (s72033_rp-ADVENTERPRISEK9_WAN-M), Version 12.2(18)SXF11, RELEASE SOFTWARE (fc1)
Sam
Current thread:
- Re: Force10 Gear - Opinions jim deleskie (Sep 01)
- Re: Force10 Gear - Opinions Owen DeLong (Sep 01)
- <Possible follow-ups>
- Re: Force10 Gear - Opinions Jo Rhett (Sep 03)
- RE: Force10 Gear - Opinions James Jun (Sep 03)
- Re: Force10 Gear - Opinions Jo Rhett (Sep 03)
- Re: Force10 Gear - Opinions Rubens Kuhl Jr. (Sep 03)
- Cisco uRPF failures Jo Rhett (Sep 04)
- Re: Cisco uRPF failures Anton Kapela (Sep 06)
- Re: Cisco uRPF failures Christopher Morrow (Sep 06)
- Re: Cisco uRPF failures Jo Rhett (Sep 11)
- Re: Cisco uRPF failures Sam Stickland (Sep 07)
- Re: Cisco uRPF failures Saku Ytti (Sep 08)
- Re: Cisco uRPF failures Jo Rhett (Sep 11)
- Re: Cisco uRPF failures Saku Ytti (Sep 11)
- Re: Cisco uRPF failures Jo Rhett (Sep 11)
- Re: Cisco uRPF failures Brandon Ewing (Sep 13)
- Re: Cisco uRPF failures Saku Ytti (Sep 13)
- RE: Cisco uRPF failures Tom Zingale (tomz) (Sep 15)
- RE: Force10 Gear - Opinions James Jun (Sep 03)
- Re: Force10 Gear - Opinions Brian Feeny (Sep 03)
- Re: Force10 Gear - Opinions Paul Wall (Sep 04)