Guest

Preview Tool

Cisco Bug: CSCvv88519 - NCS5500 inject extra 68B packet when punting TTL1 packet

Last Modified

Oct 06, 2020

Products (1)

  • Cisco Network Convergence System 5500 Series

Known Affected Releases

7.0.2.BASE

Description (partial)

Symptom:
Normally NPU has a 100pps police rate for Ipv4Ttl1traffic. 
However in lab test we found that for each Ipv4Ttl packet received on LC, 68byte packet will be generated and punted to CPU via VoQ 24/TC_1, even if the Ipv4Ttl packet was policed and dropped. So excessive Ipv4Ttl traffic will cause VoQ 24/TC_1 congestion. 
Other traffic which go through VoQ 24/TC_1 will be impacted and dropped due to congestion. For example, fragmented ICMP packets.

Lab Test
=======
I generated 40000pps 1500byts TTL1 packets for 30 seconds, which means totally 1200000 TTL1 packets.
On VoQ 24 TC_1 we got exact the same packet count 713946+486054 equals 1200000. 
And they are exactly 68 bytes, which means each TTL1 packet will trigger one 68byte packet sent to VoQ 24, no matter they are policed by NPU or not.
BTW, I also confirmed that Fragment ICMP packets also go through TC_1. 
 
RP/0/RP0/CPU0:NCS-5516-A#sh controllers npu stats voq base 24 instance all location 0/1/cpu0
Mon Sep 21 11:20:42.207 UTC
 
Asic Instance     =            0
VOQ Base          =           24
       ReceivedPkts    ReceivedBytes   DroppedPkts     DroppedBytes
-------------------------------------------------------------------
TC_0 = 25              2138            0               0               
TC_1 = 713946          48548328        486054          33051672        
TC_2 = 0               0               0               0               
TC_3 = 3037            4643573         0               0               
TC_4 = 60              11814           0               0               
TC_5 = 0               0               0               0               
TC_6 = 0               0               0               0               
TC_7 = 0               0               0               0

Conditions:
found on NC55-MOD-A-SE-S
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.