Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3151
Views
10
Helpful
20
Replies

MLSCEF-DFC1-4-FIB_EXCEPTION_THRESHOLD:

Keith McElroy
Level 1
Level 1

‎12-04-2012 08:17 AM

OK, as you can see got that error as well as these:

*Aug  8 00:03:37: %MLSCEF-SP-4-FIB_EXCEPTION_THRESHOLD: Hardware CEF entry usage is at 95% capacity for MPLS protocol.

*Aug  8 00:03:36: %MLSCEF-SP-STDBY-4-FIB_EXCEPTION_THRESHOLD: Hardware CEF entry usage is at 95% capacity for MPLS protocol.

*Aug  8 00:03:39: %MLSCEF-DFC2-4-FIB_EXCEPTION_THRESHOLD: Hardware CEF entry usage is at 95% capacity for MPLS protocol.

*Aug  8 00:03:41: %MLSCEF-DFC1-4-FIB_EXCEPTION_THRESHOLD: Hardware CEF entry usage is at 95% capacity for IPv4 unicast protocol.

Little background on what I have and what was being done when this happened. I hope this makes sense from a design standpoint, but I am working with the hardware and services I have been given and trying to make it function.

Currently we have a 7609 that is doing PE as well as full Internet table border duties. I don't have dedicated route reflectors and no router redundancy, I am fairly limited by budget. We are preparing to roll out MPLS enterprise services and in preperation, I was planning on pushing the Internet table to an "Internet" VRF so I can easily bleed over routes to allow Internet access for the users as well as putting the phone switch in that VRF so it can have public access and also facilitate MPLS for customers that need to do voice (this will be most). I am limited to only this 7609 for this POP connected to a 6509 that does interior switching and interconnects. I am using a SUP720 with 1GB of RAM. I am currently consuming approximately 650MB of RAM and processor averages 10% and spikes to 60% max during BGP sweeper.

FIB TCAM maximum routes :

=======================

Current :-

-------

IPv4 + MPLS         - 512k (default)

IPv6 + IP Multicast - 256k (default)

There is my FIB TCAM

Total routes:                     427677

    IPv4 unicast routes:          427571

    IPv4 Multicast routes:        3

    MPLS routes:                  102

    IPv6 unicast routes:          1

    IPv6 multicast routes:        0

    EoM routes:                   0

And there is current usage, as you can see, still within the allotment. It locked up during the errors, but I was consoled in so I could see everything. It stated I ran out of memory, gave errors for not being able to allocate labels (I realize I would probably have to increase the allocation for LDP) and turned off CEF/distributed forwarding. I have attached a text file with the output I got from the console, I deleted the BGP neighbor failures with any IPs, but the rest is untouched. If anyone has any suggestions or ideas, I would appreciate the feedback.

Labels:
139433-NY failure.txt.zip
0 Helpful
20 Replies 20

Raju Sekharan
Cisco Employee
Cisco Employee
In response to Keith McElroy

‎01-17-2013 07:12 PM

ok.

If you have BGP show outputs colleted during the issue, we can review those.

Otherwise you need to troubleshoot this in next MW

Thanks

Raju

0 Helpful

Keith McElroy
Level 1
Level 1
In response to Raju Sekharan

‎01-17-2013 07:24 PM

I didn't save the outputs, but I can give the general things I have from when I was checking.

Connections were good, neighbors were clean and up for like 15 minutes. Inbound routes were full, outbounds for those neighbors just never went. Router ID was set, I manually set it since it couldn't find it automatically with the VRF setup. Auto summary was off, sync was off. EIGRP converged and had routes in the table properly.

0 Helpful

Raju Sekharan
Cisco Employee
Cisco Employee
In response to Keith McElroy

‎01-17-2013 08:40 PM

Hi Keith.

ok. Unfortunately, I won't be able to narrow down that issue without outputs

Thanks

Raju

0 Helpful

Keith McElroy
Level 1
Level 1
In response to Raju Sekharan

‎01-18-2013 07:08 AM

What commands do you need output for?

0 Helpful

Raju Sekharan
Cisco Employee
Cisco Employee
In response to Keith McElroy

‎01-24-2013 06:57 AM

Hi Keith

I assume you had configured MP-BGP VPNV4 neighbour relation between the neighbors.

We can look at following show and debug outputs for the affected prefix

1. show ip bgp vpnv4 all vrf prefix

2. Show ip bgp vpnv4 all nei advertised-routes

3. deb ip bgp vpnv4 unicast updates events

4. deb ip bgp vpnv4 unicast updates ==>> use an ACL matching one of the prefix which was failed to advertise

Thanks

Raju

0 Helpful

Pavol Golis
Cisco Employee
Cisco Employee

‎02-05-2013 09:52 AM

Root cause is simple, when you put Internet into VRF all Internet prefixes gets MPLS label, you have allocated 512k TCAM lines for IPv4 and MPLS, since its IPv4 430k + MPLS 430k = 860k it can't fit into 512k. Configure per-VRF label allocatation scheme for 7600 and not default one which is per-prefix.

0 Helpful
Customers Also Viewed These Support Documents