Skip to Content.
Sympa Menu

wg-multicast - Re: Cisco IPv4 Multicast Issue

Subject: All things related to multicast

List archive

Re: Cisco IPv4 Multicast Issue


Chronological Thread 
  • From: Michael Forrest <>
  • To:
  • Subject: Re: Cisco IPv4 Multicast Issue
  • Date: Thu, 23 Mar 2006 22:07:02 +0000


Hi Peter,

Tried that initially, it seems the SAP announcements are processed before the ACL's are...and logs were filling up with msgs and router still fell over ;-) so no luck there :-(

-Michael

On 23 Mar 2006, at 22:04, Peter John Hill wrote:

You could also set up an access-list to block traffic from that host... not a great solution, but if you want to hold off on a router downgrade for a week, it would be a decent temporary workaround.

peter

On Mar 23, 2006, at 11:12 AM, Stig Venaas wrote:

Michael Forrest wrote:
Yeah that would be the simple option to turn it off, but we require the sap
announcements for the moment. It also shouldn't really have this effect on
the router, so agreed a TAC case is the way forward.

I would turn off "ip sap listen" as Caren noted. There is not much point
in leaving this on, it's only useful for debugging, and in my opinion of
very limited use. The router will forward SAP just fine with this off.

The reason the router runs out of memory, may not be a memory leak, but
might for instance be due to people sending lots of SAP announcements
for different groups. I hope IOS has a memory limit for that, but I
don't know. Having "ip sap listen" enabled might make you vulnerable to
DoS attacks where all cpu and memory in the router can be consumed,
unless there are some built-in limits...

Stig


Thanks :-)

-Michael

-----Original Message-----
From: Caren Litvanyi
[mailto:]
Sent: 23 March 2006 18:09
To: Michael Forrest
Cc:
Subject: Re: Cisco IPv4 Multicast Issue

I have not seen this issue before, and I agree with opening
A TAC case with Cisco.
I was wondering, does this mean you have "ip sap listen"
turned on? I tend not to unless really necessary.
Thanks,
Caren


On Thu, 23 Mar 2006, Michael Forrest wrote:

Has anyone seen the following issue with Cisco router running ipv4
multicast?

The log messages just seem to be full of the following msg:-

Mar 20 16:05:38 door.erg.abdn.ac.uk 299: *Mar 16 06:39:31.369 UTC:
%MROUTE-6-UNSUPPORTED_SAP_FORMAT: Received unsupported format SAP
message
from (129.116.74.139)

The MFIB (multicast forwarding information base) seems to have a memory
leak
and eventually consumes all the memory available on the router. The
router
becomes inaccessible on the console and over the network and requires a
power cycle to recover. Although strangely enough, still seems to be
functional (if just unaccessible).

A show ver from the router yields (it's a Cisco 2621XM):-

Cisco IOS Software, C2600 Software (C2600-ADVENTERPRISEK9-M), Version
12.4(7), RELEASE SOFTWARE (fc6)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Tue 28-Feb-06 23:32 by alnguyen

Doing a show proc memory shows that it seems to consume about 1MB of
memory
every 4-5hours until the router just falls over.

All the unsupported SAP messages come from a cluster of machines with
similar names to:-

vbrick-cma5136.communication.utexas.edu

Anyone had/solved this issue before?

-Michael

--
Michael Forrest,
Directorate of Information Systems and Services,
University of Aberdeen.

Tel: +44-1224-273392



------------
Caren Litvanyi, network engineer
Global Research NOC at Indiana University

o:812-856-4576 c:720-839-7739








Archive powered by MHonArc 2.6.16.

Top of Page