RE: Asymmetric routing can cause excessive flooding of unicast

From: Church, Chuck (cchurch@netcogov.com)
Date: Wed May 24 2006 - 11:11:02 ART

• Next message: Schulz, Dave: "RE: tough redistribution ques"
• Previous message: Sidalo: "Re: tough redistribution ques"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Say you're got 4 devices, connected in what looks like a ring. All
Ethernet. Router 'A' is connected to 'B' and 'C'. 'D' is also
connected to 'B' and 'C'. If you're doing asymmetric routing from A to
D, what happens is you sent traffic to B from A, but the return traffic
comes from C. If all the traffic goes in this fashion, you never end up
receiving any frames from B. If the cam table entry for B times out,
when it finally does try to send something to B, it'll flood it out all
ports until it learns it again. This doesn't happen often in real life,
but when using things like GLBP which intentionally steer traffic in
certain directions, it's much more possible. Setting the cam timeout
equal to the ARP timeout will allow a single ARP request to populate
both the ARP table and the cam table, rather than a flood of normal user
traffic.

Chuck Church
Network Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services
Enterprise Network Engineering
Home Office - 864-335-9473
Cell - 864-266-3978
cchurch@netcogov.com

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
WorkerBee
Sent: Wednesday, May 24, 2006 9:08 AM
To: ccielab@groupstudy.com
Subject: Asymmetric routing can cause excessive flooding of unicast IP
packets??

Can anyone highlight me why "Asymmetric routing can cause excessive
flooding of unicast IP packets."?

I still cannot understand.

Asymmetric Routing
===============
Asymmetric routing occurs when packets are sent from a source to
destination over one path while return traffic follows a different
path. This will often be the case with GLBP, since traffic is
intentionally being shared over multiple upstream paths. Asymmetric
routing can cause excessive flooding of unicast IP packets. This
adverse condition results from the MAC address of downstream hosts
being aged out of the switch CAM (typical default time is 5 minutes).
The CAM aging time can be increased to a higher value to avoid this
condition. One suggestion for the Cisco Catalyst 6500 is to make the
CAM aging time equal to the ARP timeout for the MSFC. For example, set
the Layer 2 CAM entry aging time in distribution layer switches to the
same duration as the ARP timeout using the command:
set cam agingtime 1-1000 14400
This will set the time to 4 hours, same as default ARP cache timeout
for MSFC and will minimize any flooding of IP unicast traffic when
packets are never received for a given MAC.

• Next message: Schulz, Dave: "RE: tough redistribution ques"
• Previous message: Sidalo: "Re: tough redistribution ques"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:22 ART