cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
722
Views
0
Helpful
8
Replies

High unwanted traffic flowing between two hosts over WAN Link

chinmay30
Level 1
Level 1

Hi,

i have problem of CPU utilization picks up on the one end router. And while i see ip accounting there seems lots of traffic flowing between the source router and remote end router public IPs. I tried to add ACL for denying IP Traffic between those IPs. That doest not solve my problem.

8 Replies 8

mounir.mohamed
Level 7
Level 7

Can you share your config, or at least the source and destination + the ACL statments.

Router -1 : (Which is creating high traffic)

interface FastEthernet0/1

ip address 58.x.x.x 255.255.255.248

ip access-group 100 out

duplex auto

speed auto

access-list 100 deny ip host 59.x.x.x(Destination - other end) host 58.x.x.x

access-list 100 permit ip any any

Router -2

is having same config for interface with ip add in 59 series...and no ACL has been configured on it..and surprisingly no traffic flowing in or out showing on this router for source address 62.x.x.x.

I hope this clears.. if you still want any inputs please let me know..

If u stop all communication between 2 routers, u'll end up loosing adjacency.

Is it possible to paste ip accounting output for these specific entries.

by the way, The acl shud be placed on serial interface if the 2 are forming neighborship over serial. Direction should be "in" bcoz destination is this router.

ACL will not work because they are not generating IP Traffic at all.. it seems.. and They are not connected directly using this interfaces..

Attached IP Accounting output for ur ref..

Is it a typing error, or is your access-list the wrong way round? If it is any outgoin g access list, don't you need the remote host as the destination parameter?

access-list 100 deny ip host 58.x.x.x (our address) host 59.x.x.x (Destination - other end)

Kevin Dorrell

Luxembourg

That was Typing mistake.. and ACL should not require at all as no host on this side sending any interesting traffic to other end.. but still in source router (58.x.x.x) generating lots of traffic towards Destionation router (59.x.x.x)

Can we see a full config?

Perhaps the traffic is as a result of a translation?

Review Cisco Networking for a $25 gift card