Re: CEF debugging question

Thanks for the reply guys!

Darrin: you hit the nail on the head. That is exactly what is going on
although I am not NATing. I will try what you suggested tomorrow and let you
know what happens.

Thanks again for the response.

Usama

On Tue, Jan 12, 2010 at 6:35 PM, Darrin Machay <
darrin.machay_at_yjtsolutions.com> wrote:

> I agree that turning off CEF for debugging is usually a very bad idea,
> outside of a lab environment. It sounds like Usama is seeing unexpectedly
> high levels of process switching (e.g. high CPU on "IP Input" process) and
> he's trying to figure out what that traffic is (correct me if I'm wrong).
> I've run into this situation many times, especially involving NAT scenarios
> on 6509s/SUP720s. Spanning RP-inband is a low-impact way of seeing the
> punted traffic in real-time.
>
> ------------------------------
> *From:* Keegan.Holley_at_sungard.com [Keegan.Holley_at_sungard.com]
> *Sent:* Tuesday, January 12, 2010 4:59 PM
> *To:* Darrin Machay
> *Cc:* ccielab_at_groupstudy.com; Usama Pervaiz; nobody_at_groupstudy.com
>
> *Subject:* RE: CEF debugging question
>
>
> Umm... why would you want to debug if the cpu is already pegged? This
> sounds like it may not end well. Also, I don't think you can debug cef
> traffic. It was invented not to go to the processor so you would have to
> turn cef off to see anything. If you do a sh proc cpu what process is using
> the most resources?
>
>
> From: Darrin Machay <darrin.machay_at_yjtsolutions.com> To: Usama Pervaiz
> <chaudri_at_gmail.com> Cc: "ccielab_at_groupstudy.com" <ccielab_at_groupstudy.com>
> Date: 01/12/2010 04:43 PM Subject: RE: CEF debugging question Sent by: <
> nobody_at_groupstudy.com>
> ------------------------------
>
>
>
> The easiest way to see what's going on is to span RP-inband and use a
> sniffer like WireShark to take a look at the punted packets.
>
> See the section "SPAN RP-Inband and SP-Inband":
> http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a00804916e0.shtml
>
> Assuming you want to use span session 1:
> rtr# remote login switch
> rtr-sp# test monitor add 1 rp-inband [rx | tx | both]
>
>
> Darrin Machay
>
> YJT Solutions
> 440 South LaSalle St, Suite 3990
> Chicago, IL 60605
> www.YJTSolutions.com <http://urlblockederror.aspx/>
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com<nobody_at_groupstudy.com>]
> On Behalf Of Usama Pervaiz
> Sent: Tuesday, January 12, 2010 2:24 PM
> To: ccielab_at_groupstudy.com
> Subject: OT: CEF debugging question
>
> Hello all,
>
> I am trying to debug CEF on a 6509. I want to know what traffic is
> being punted to processed switched. Is there an easy show command that
> i can use. I have tried:
>
> sh ip cef switching statistics feature
> sh cef not-cef-switched
>
> but they only give me stats not what I am looking for.
>
> I am doing this becuase my CPU is taking a beating and I think it is
> because CEF is punting these packets down and hence killing my router.
>
> Any and all help would be appreciated.
>
> Thanks!
> Usama
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Tue Jan 12 2010 - 20:28:56 ART