For those who have NBAR enabled on their 7200's.
SY,
--
CCNP, CCDP (R&S) Dmitri E. Kalintsev
CDPlayer@irc Network Architect @ connect.com.au
dek @ connect.com.au phone: +61 3 9674 3913 fax: 9251 3666
UIN:7150410 mobile: +61 414 821 382
----- Original Message -----
From: "[censored]" <[censored]@cisco.com>
Sent: 21 Sep 2001 10:30
Subject: 7200/nbar crash
> Hi Dmitri
>
>
> It might be:-
>
>
> CSCdv06207 NBAR access-lists may cause a bus error on a c7200
>
> This has been made worse by nimda.
>
>
> Here is the release note:-
>
> ---------------------------------------------------------------------
> Configuring Network-Based Application Recognition and Access Control
> Lists on
> a Cisco7200 may cause a bus error. This happens when a stateful
> session closes
> at exactly the same time that the system tries to timeout the same
> flow. The
> only known workaround for this problem is to use `ip nbar resources #
> # #'
> command to extend the time until the system will try to timeout an unused
> flow. For example : `ip nbar resources 600 1000 50' will make the system
> wait 10 minutes (600 seconds) until it tries to clean up a flow. The
> longer
> delay will make it vanishingly unlikely that a RST or FIN packet will
> arrive
> at the same time.
> ---------------------------------------------------
>
>
> In internal cisco maling lists - the following has been suggested
>
> >I would do the following : ( make sure you have enough memory )
> >
> >ip nbar resources 600 2000 200
>
>
<
imit/121e/121e2/nbar2e.htm#xtocid297938>
>
=============================================================================
"inet-admins" Internet access mailing list. Maintained by East Connection ISP.
Mail "unsubscribe inet-admins" to Majordomo@info.east.ru if you want to quit.
Archive is accessible on
