RE: CEF debugging question

I agree that turning off CEF for debugging is usually a very bad idea, outside
of a lab environment. It sounds like Usama is seeing unexpectedly high levels
of process switching (e.g. high CPU on "IP Input" process) and he's trying to
figure out what that traffic is (correct me if I'm wrong). I've run into this
situation many times, especially involving NAT scenarios on 6509s/SUP720s.
Spanning RP-inband is a low-impact way of seeing the punted traffic in
real-time.

________________________________
From: Keegan.Holley_at_sungard.com [Keegan.Holley_at_sungard.com]
Sent: Tuesday, January 12, 2010 4:59 PM
To: Darrin Machay
Cc: ccielab_at_groupstudy.com; Usama Pervaiz; nobody_at_groupstudy.com
Subject: RE: CEF debugging question

Umm... why would you want to debug if the cpu is already pegged? This sounds
like it may not end well. Also, I don't think you can debug cef traffic. It
was invented not to go to the processor so you would have to turn cef off to
see anything. If you do a sh proc cpu what process is using the most
resources?

From: Darrin Machay <darrin.machay_at_yjtsolutions.com>
To: Usama Pervaiz <chaudri_at_gmail.com>
Cc: "ccielab_at_groupstudy.com" <ccielab_at_groupstudy.com>
Date: 01/12/2010 04:43 PM
Subject: RE: CEF debugging question
Sent by: <nobody_at_groupstudy.com>

________________________________

The easiest way to see what's going on is to span RP-inband and use a sniffer
like WireShark to take a look at the punted packets.

See the section "SPAN RP-Inband and SP-Inband":
http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186
a00804916e0.shtml

Assuming you want to use span session 1:
rtr# remote login switch
rtr-sp# test monitor add 1 rp-inband [rx | tx | both]

Darrin Machay

YJT Solutions
440 South LaSalle St, Suite 3990
Chicago, IL 60605
www.YJTSolutions.com<UrlBlockedError.aspx>

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of Usama
Pervaiz
Sent: Tuesday, January 12, 2010 2:24 PM
To: ccielab_at_groupstudy.com
Subject: OT: CEF debugging question

Hello all,

I am trying to debug CEF on a 6509. I want to know what traffic is
being punted to processed switched. Is there an easy show command that
i can use. I have tried:

sh ip cef switching statistics feature
sh cef not-cef-switched

but they only give me stats not what I am looking for.

I am doing this becuase my CPU is taking a beating and I think it is
because CEF is punting these packets down and hence killing my router.

Any and all help would be appreciated.

Thanks!
Usama

Blogs and organic groups at http://www.ccie.net<http://www.ccie.net/>
Received on Tue Jan 12 2010 - 17:35:08 ART