Cisco uRPF failures

[jrhett at netconsonance.com (Jo Rhett)]

On Sep 6, 2008, at 10:20 AM, Anton Kapela wrote:
> On Thu, Sep 4, 2008 at 11:35 AM, Jo Rhett <jrhett at netconsonance.com>  
> wrote:
>
>> That's the surprising thing -- no scenario.  Very basic  
>> configuration.
>> Enabling uRPF and then hitting it with a few gig of non-routable  
>> packets
>> consistently caused the sup module to stop talking on the console,  
>> and
>
> What do you mean by 'non routable?'

Should have been dropped by UDP.

> What was the src/dst makeup of the test traffic?

Both random sources and singular sources demonstrated the problem.

> What version of code? Also, port-channel/lag or ECMP?

I don't have those details handy now, nor am I likely to anytime  
soon.  If they've been solved in recent code, great.  But I've seen  
nothing in the tech notes.

>> quickly, but that turns out not to be the case.  To this day I've  
>> never
>
> I've never seen the issues you speak of, so it could be
> code/platform/config specific.
>
> Also, what sup were you testing?

720s, as said repeatedly.

> Forgive me, but what does bits/sec have to do with anything?


The problem only appeared at high bits/sec, as I've said repeatedly.

-- 
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source  
and other randomness