From: P729 (p729@cox.net)
Date: Mon Sep 27 2004 - 15:24:45 GMT-3
Richard,
Someone could be bombing your site with traceroutes or packets with TTL set
to 1. The router may have to process switch these packets. The flushes
indicate SPD is kicking in, which leads me to believe that the router is
spending a lot of time process switching on that interface for some reason.
Are you doing any ingress filtering? You may want to limit incoming ICMP to
what you really need (e.g., echo, echo reply, packet-too-big, unreachable)
and disable emitting IP unreachables on that interface if you can. Does
'show ip interface' indicate that CEF is indeed enabled on that interface?
Regards,
Mas Kato
https://ecardfile.com/id/mkato
> -----Original Message-----
> From: Peasah, Richard Kwame [mailto:rpeasah@ku.edu]
> Sent: Monday, September 27, 2004 5:55 AM
> To: ccielab@groupstudy.com
> Subject: Help:Input Queue Congestion Problem
>
> Folks,
>
> Can I borrow your brains for a few minutes? My internet router, a Cisco
> 7304, is dropping packets from the input queue and I'm having a tough
> time figuring out the cause. Over the past 2 weeks there've been
> instances where all of a sudden it will drop all packets for minutes and
> then resume forwarding. It's been hard nailing down the exact time this
> behavior occurs. By the time I'm alerted by the help desk, the incident
> is over and the router is back forwarding packets. However, I'm seeing
> lots of flushing going on with respect to the input queue for the
> interface connecting to our ISP. See three instance of "show int"
> output below:
>
> Last clearing of "show interface" counters 03:01:42
> Input queue: 0/75/216/4427 (size/max/drops/flushes); Total output drops:
> 2901
>
> Last clearing of "show interface" counters 03:51:56
> Input queue: 1/75/238/6161 (size/max/drops/flushes); Total output drops:
> 3280
>
> Last clearing of "show interface" counters 05:05:08
> Input queue: 1/75/269/8047 (size/max/drops/flushes); Total output drops:
> 4443
>
> Since I don't have a baseline to compare with I really can't tell
> whether this is normal (the flushes and the drops) but it sure doesn't
> look normal to me. Anyone with experience with this stuff please shed
> some light on this, please. I've both cef and fast switching configured
> and I'm not seeing any cache misses so far. At this point, one thing
> jumping at me is the "bad hop count" in the "sh ip traffic" output. This
> counter keeps incrementing as can be see below:
>
> 08:00 7242548
>
> 10:00 7267491
>
> 12:00 7314403
>
> 15:00 7387856
>
> 16:00 7402531
>
> 17:00 7419743
>
> I've been scouring CCO for some pointers without success. Some technotes
> suggest I turn on "debug ip error" but I'm really reluctant (actually
> scared) to do that for fear of taking the whole damn thing down. This is
> our only internet node so until I get a nod for them "Big Kahunas" I
> ain't doing no debugging. Any ideas? And oh, I've been checking my
> buffers and so far no misses there.
>
> Richard Peasah, Ph.D., CCIE 13662
> Networking & Telecommunications Services
> University of Kansas
> rpeasah@ku.edu
> (785) 864-9354
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Oct 01 2004 - 15:00:50 GMT-3