Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
CPCAR_TTL1_DROP and CPCAR...

CPCAR_TTL1_DROP and CPCAR_DROP_LPU(l)

Created: Dec 22, 2018 18:31:55Latest reply: Jan 27, 2019 14:26:23 3829 9 2 0 0
  Rewarded HiCoins: 0 (problem resolved)
display all floors 1#

Hi,


we are having problem with packet loss in SWITCH s6720, we have 5 units of this model, but the event happens only in that SWITCH. We use MPLS LDP and TE, VPLS Martini and VRF.


How can I use CPU-Defend to find out the error event?



Dec 22 2018 15:16:06-03:00 PA-CST-ROT-PE %%01ADPIPV4/4/CPCAR_TTL1_DROP(l)[1]:The 

number of packets sent to the CPU exceed the threshold 20000.(SLOT=0, CPCAR TYPE=CPCAR_TTL1, 

DiscardPacketCount=77016, Reason="A routing loop may occur")


Dec 22 2018 15:16:06-03:00 PA-CST-ROT-PE %%01DEFD/4/CPCAR_DROP_LPU(l)[2]:Rate of packets 

to cpu exceeded the CPCAR limit on the LPU in slot 0. (Protocol=ttl-expired, CIR/CBS=64/12032, 

ExceededPacketCount=77016)



Other Informations:


Huawei Versatile Routing Platform Software

VRP (R) software, Version 5.170 (S6720 V200R010C00SPC600)

Copyright (C) 2000-2016 HUAWEI TECH CO., LTD

HUAWEI S6720-30C-EI-24S-DC Routing Switch uptime is 10 weeks, 3 days, 10 hours, 24 minutes


ES5D2S26Q002 0(Master)  : uptime is 10 weeks, 3 days, 10 hours, 23 minutes

DDR    Memory Size      : 2048       M bytes

FLASH  Memory Size      : 446        M bytes

Pcb           Version   : VER.B

BootROM       Version   : 020a.0001

BootLoad      Version   : 020a.0001

CPLD          Version   : 0108

Software      Version   : VRP (R) Software, Version 5.170 (V200R010C00SPC600)

PWR1 information

Pcb           Version   : PWR VER.B

FAN1 information

Pcb           Version   : NA


  • x
  • convention:

Like (2) Dislike (0) Favorite(0) Share Report
Previous: IPSec support QoS ?
Next: The management network port cannot be accessed through SSH
Featured Answers

Recommended answer

(1) (0)
Jessica_Tian
Created Dec 23, 2018 13:23:31

Run the display cpu-defend statistics command in the user view multiple times to check whether the number of discarded TTL-expired packets continuously increases.
•If the number of discarded TTL-expired packets does not continuously increase and current services are normal, no action is required.
•If the number of discarded TTL-expired packets continuously increases, go to step 2.


2.Check whether a routing loop occurs on the network. If so, eliminate the loop.
3.Check whether the device is under an TTL-expired packet attack. If so, you are advised to configure the CPU attack defense policy to reduce the number of TTL-expired packets sent to the CPU and identify the attack source based on the source address and port information of attack packets.
View more
  • x
  • convention:
All Answers
Mysterious.color
Mysterious.color Created Dec 23, 2018 12:21:51

waiting for the solution
View more
  • x
  • convention:
Jessica_Tian
Jessica_Tian Created Dec 23, 2018 13:23:31

Run the display cpu-defend statistics command in the user view multiple times to check whether the number of discarded TTL-expired packets continuously increases.
•If the number of discarded TTL-expired packets does not continuously increase and current services are normal, no action is required.
•If the number of discarded TTL-expired packets continuously increases, go to step 2.


2.Check whether a routing loop occurs on the network. If so, eliminate the loop.
3.Check whether the device is under an TTL-expired packet attack. If so, you are advised to configure the CPU attack defense policy to reduce the number of TTL-expired packets sent to the CPU and identify the attack source based on the source address and port information of attack packets.
View more
  • x
  • convention:
EderRuffeil
EderRuffeil Created Dec 23, 2018 18:59:43

Hi,


The routing loop has been resolved, but TTL continues to be incremented.

How can I use cpu-defend to investigate the problem?

Thanks

xx_cpudefend
View more

This article contains more resources

You need to log in to download or view. No account? Register

x
  • x
  • convention:
EderRuffeil
EderRuffeil Created Dec 23, 2018 20:39:54

Hi,

I discovered the cause of the event as follows:

1. I created an ACL to filter the TTL-Expired event:

acl number 3001
  rule 10 permit ip ttl-expired

2. I made the capture of packages:

capture-packet cpu acl 3001 destination terminal packet-num 10

In the example below, in bold, would be the IP address that was causing the event.

  Packet: 5
  -------------------------------------------------------
  01 00 5e 00 00 02 a4 be 2b ac e0 bb 81 00 cc 1c
  08 00 45 c0 00 3e 69 da 00 00 01 11 0e cf 64 41
  fc 02 e0 00 00 02 02 86 02 86 00 2a f0 96 00 01
  00 1e 64 41 ff 01 00 00 01 00 00 14 00 4c f9 92
  -------------------------------------------------------

View more
  • x
  • convention:
yiyi0519
yiyi0519 Created Dec 24, 2018 01:14:47

please add the latest patch
View more
  • x
  • convention:
4am
4am Created Dec 24, 2018 01:17:05

Who can tell me that the problem has been solved
View more
  • x
  • convention:
Jessica_Tian
Jessica_Tian Created Dec 24, 2018 01:48:00

Posted by EderRuffeil at 2018-12-23 20:39 Hi,I discovered the cause of the event as follows:1. I created an ACL to filter the TTL-Expired even ...
in fact the ttl-expired will not influence the device, because it just the invalid route, it's normal that the device drop it. if you want to find the source, just as what you do and forbid the source. if you are sure there are no loop, in fact, can ignore that warning.
View more
  • x
  • convention:
No.9527
No.9527 Created Dec 25, 2018 02:40:19

cpu-defend that is just check the result but cannot check the root cause.

usually, TTL=1 always make routing loop.
we can configure acl then capture packet to check the source of routing loop
for example:
acl number 3001
rule 10 permit ip ttl-expired
then capture packet with the ACL
capture-packet cpu acl 3001 destination terminal packet-num 100

then you can see the ip address which caused the routing loop.
if you don't know how to do it, you may create ticket to ask huawei TAC support
View more
  • x
  • convention:
Skynet_india
Skynet_india Created Jan 27, 2019 14:26:23

Posted by EderRuffeil at 2018-12-23 18:59 Hi,The routing loop has been resolved, but TTL continues to be incremented.How can I use cpu-defend ...
Hi,

I am having the same problem " routing loop " how did u manage to solve the routing loop problem

View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.