After doing further investigation, I found that in-fact my Cisco-vxr
Npe-g2 and g1 in the path (between M7i and customer router) suffered
the Dos and due to cpu saturation the bgp flapped. Earlier I did not
noticed because the cpu utilization graph of Cisco showed only 50% in
npe-g2 and 80% in npe
I don't see any drops in the sofware or hardware queues towards RE. So
it does not look like it was this router that was affected by DOS
attack and caused BGP flap. As Stefan mentioned, check the logs for
the BGP notification reason and to find out if we sent or received the
Notification.
On Sun, Feb 15, 2009 at 5:49 AM, Samit wrote:
> I do have filter in placed to protect the RE. But the attack is not
> targeted or directed to any interfaces of my router. My customer network
> as under DoS attacked , tcpdump snapshot attached below "x" is source
> and "y" is target.
If the atta
I'm late jumping into this conversation, but are you using
virtual-chassis by chance?
Did the order of the individual units change when you upgraded?
Chris Adams wrote:
> Once upon a time, Tore Anderson said:
>
>> * Chris Adams
>>
>>> Never used Cisco I guess?
>>>
>> I have. As
Once upon a time, Tore Anderson said:
> * Chris Adams
> > Never used Cisco I guess?
>
> I have. As Steinar haug has already pointed out, IOS supports keeping
> ifIndexes static. Fortunately someone had the good sense to enable that
> feature, so they've never caused me any problems.
I guess I
* Chris Adams
> Never used Cisco I guess?
I have. As Steinar haug has already pointed out, IOS supports keeping
ifIndexes static. Fortunately someone had the good sense to enable that
feature, so they've never caused me any problems.
--
Tore Anderson
Redpill Linpro AS - http://www.redpill-lin
I do have filter in placed to protect the RE. But the attack is not
targeted or directed to any interfaces of my router. My customer network
as under DoS attacked , tcpdump snapshot attached below "x" is source
and "y" is target.
04:16:18.225986 IP x.x.x.x.12372 > y.y.y.y.18990: UDP,
length 36
0
The scp URL works fine in the 'file copy' but not in the 'request system
software add'
Is this a bug or a feature?
Thanks,
bit.
l...@olive-00> request system software add
"scp://l...@192.168.122.254/jinstall-9.3R2.8-domestic-signed.tgz"
fetch: scp://l...@192.168.122.254/jinstall-9.3R2.8-domesti
Hi Samit,
Do you have the output of "show pfe statistics traffic" from this
router?
What was the type of DoS attack traffic? Was it directed to any of
the interfaces on the router? Did you have any filter applied to
loopback interface to drop such traffic? If yes, did any of the
filter
9 matches
Mail list logo
