Reset Search
 

 

Article

Network Performance issues when Purview GRE Tunnel is Down

« Go Back

Information

 
TitleNetwork Performance issues when Purview GRE Tunnel is Down
Symptoms
Customer perceived general network performance degradation when attached Purview appliance had its interface disconnected.
High CPU utilization (50-60%) reported.
Environment
Platform: S-series
  • Firmware: 8.21 or later
Purview: appliance or VM
  • Software version: 6.1 or later
Purview's management interface configured as Netflow collector on S-series, mirrored packets sent to Purview via a GRE tunnel between each S-series and Purview.
Cause
  • The GRE tunnel was configured on S-series with no keep-alive mechanism in place.
  • As long as there's an ARP entry for the Purview's IP the tunnel's state is "Up" even though Purview's interface was disconnected. Using default ageing timers Purview's MAC will be purged from the L2 database after 5min, the ARP entry remains present for much longer (hours).
  • After Purview's MAC is deleted at L2 all Netflow and GRE mirrored traffic will be sent via soft-path forwarding causing CPU utilization to go up to 60%.
Resolution
Create an ICMP probe on S-series and add it to the tunnel interface using the command "tunnel probe probe-name <probe>".
This ensures the GRE tunnel interface will change its state to "Down" if the Purview's interface becomes unreachable.

It would be advisable to change the ageing timers in such way ARP entries age out before MAC entries do. The following commands ensure ARP entries age out 5min before the MAC entries do.

Switch mode:
set mac agetime 14700       /* 4h5m
Router mode:
arp timeout 14400           /* 4h0m
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255