Hi CSC,
I came across a interesting sympton. Please refer to the following topology.
host 1 <-> R1 <-> R2 <-> FW<-> host2
host 1 is configured to send syslog to host2, however due to firewall ACL is not configured, this has caused a spike to 99% in R1 which already has 70% - 80% cpu.
My questions are :
1) Even if the firewall is sending RST back to host 1, it should not caused an 20% cpu increase in R1 cpu. Why this is so? Router model is 3620.
2) How do i prevent this from happening in future? This could potentially allow someone to send random traffic to hosts and cause network performance issue. Is there a way to turn off the RST response from the Firewall? This is an Cisco ASA.
Rgrds,
Benson