North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Cisco IOS Failure due to Virus

  • From: Mark Segal
  • Date: Mon Sep 15 15:38:53 2003

Got love nanog..

A nice man from cisco called me, it looked like a lot of packets on my
router were being process switched (sh ip cache - displayed A LOT of
entries).  Anyway, it turns our some of my atm sub-ints inherited a "no ip
route-cache cef" from a parent int and well you can see what happens when
the packet volume increase.

Richard I would check that..

So now to life the rate-limit and see what happens..

Regards,
Mark


--
Mark Segal 
Director, Network Planning
FCI Broadband 
Tel: 905-284-4070 
Fax: 416-987-4701 
http://www.fcibroadband.com

Futureway Communications Inc. is now FCI Broadband


-----Original Message-----
From: Mark Segal [mailto:[email protected]] 
Sent: September 15, 2003 1:50 PM
To: 'Richard J.Sears'; 'Robert Blayzor'
Cc: 'Nanog'; Mihai Iancu
Subject: RE: Cisco IOS Failure due to Virus




We are seeing the same problem on all of the 6400-nrp aggregation boxes we
have in the network.  Here is the IOS bug ID - CSCec12495.. Actually by rate
limiting icmp on our network the problems have stopped/slowed down a lot.

Sorry for the delay.. Was out of the country for a while..
Mark


--
Mark Segal 
Director, Network Planning
FCI Broadband 
Tel: 905-284-4070 
Fax: 416-987-4701 
http://www.fcibroadband.com

Futureway Communications Inc. is now FCI Broadband


-----Original Message-----
From: Richard J.Sears [mailto:[email protected]] 
Sent: September 11, 2003 12:26 AM
To: Robert Blayzor
Cc: Nanog
Subject: Re: Cisco IOS Failure due to Virus



Hi Robert,

Thanks for the info. We are running dCEF...routers show about 4% CPU load
and the following memory:


BR02#sh mem              
               Head   Total(b)    Used(b)    Free(b)  Lowest(b) Largest(b)
Processor  613AE340   247798976   106515996   141282980   140653360
134546752
     Fast  6138E340     131080      37240      93840      93840      93788


Also, we are not blocking 92 byte ICMP due to the traceroute problems on
customers networks...

Thanks

On Wed, 10 Sep 2003 23:17:01 -0400
Robert Blayzor <[email protected]> wrote:

> 
> On 9/10/03 10:58 PM, "Richard J.Sears" <[email protected]> wrote:
> 
> > %SYS-2-MALLOCFAIL: Memory allocation of 704 bytes failed from
> > 0x60329F00, alignment 0
> > Pool: Processor  Free: 92744  Cause: Memory fragmentation Alternate 
> > Pool: None  Free: 0  Cause: No Alternate pool -Process= "Pool 
> > Manager", ipl= 0, pid= 6 -Traceback= 6038049C 60382200 60329F08 
> > 6038DEDC
> > 
> > %TCP-6-NOBUFF: TTY0, no buffer available
> > -Process= "BGP Router", ipl= 0, pid= 132
> > 
> > %% Low on memory; try again later
> 
> Did you enable CEF?
> Are you dropping 92 byte ICMP packets where needed?
> 
> --
> Robert Blayzor, BOFH
> INOC, LLC
> [email protected]
> PGP: http://www.inoc.net/~dev/
> Key fingerprint = A445 7D1E 3D4F A4EF 6875  21BB 1BAA 10FE 5748 CFE9
> 
> "I don't need parents. All I need is a recording that says, 'Go play
> outside!" - Calvin and Hobbes
> 


******************************************
Richard J. Sears
Vice President         
American Digital Network                          
----------------------------------------------------
[email protected]
http://www.adnc.com
----------------------------------------------------
858.576.4272 - Phone
858.427.2401 - Fax
----------------------------------------------------

I fly because it releases my mind 
from the tyranny of petty things . . 


"Work like you don't need the money, love like you've
never been hurt and dance like you do when nobody's
watching."