Question: Know of an easy way to limit PD requests per client in IOS?
A client device flipped out and did thousands of DHCP-PD requests. It filled our static ipv6 routing table on a switch... OSPFv3 was OK as we aggregate on /44 for layer3 switches.
The routing table on the 2960XR had ~4k /56s routing to the same link local address:
S 2607:FFFF:D151:D400::/56 [1/0] via FE80::52C7:BFFF:FE1D:D0F9, Vlan252 S 2607:FFFF:D151:D500::/56 [1/0] via FE80::52C7:BFFF:FE1D:D0F9, Vlan252 S 2607:FFFF:D151:D600::/56 [1/0] via FE80::52C7:BFFF:FE1D:D0F9, Vlan252 ... etc ...
Workaround: we blocked IPv6 for the one client, but want a better solution in place for the next TP-LINK router that blows up.
Only perk: made a really nice graph in our TCAM monitoring! sh platform tcam utilization is a great thing to graph. :)
No comments:
Post a Comment