• Total Members: 12780
  • Latest: eduard
  • Total Posts: 28046
  • Total Topics: 8053
  • Online Today: 962
  • Online Ever: 51419
  • (01. January 2010., 09:27:49)

Author Topic: Selective packet discard  (Read 902 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Member
  • **
  • Posts: 17
  • KARMA: 1
  • Gender: Male
Selective packet discard
« on: 01. November 2012., 06:46:57 »

This document explains the Selective Packet Discard (SPD) mechanism and how it can be monitored and tuned.

Note: This document does not explain how to troubleshoot an increasing number of input drops in the show interfaces output on a Cisco 12000 Series Internet Router. For more information about this issue, refer to Troubleshooting Input Drops on the Cisco 12000 Series Internet Router.
Before You Begin

Refer to Cisco Technical Tips Conventions for information on document conventions.

There are no specific prerequisites for this document.
Components Used

The information in this document is based on these software and hardware versions:

   Cisco 7200 Series Router

   Cisco 7500 Series Router

   Cisco 12000 Series Internet Router

   All versions of Cisco IOSĀ® software

The information presented in this document was created from devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If you are working in a live network, ensure that you understand the potential impact of any command before using it.

Selective Packet Discard (SPD) is a mechanism to manage the process level input queues on the Route Processor (RP). The goal of SPD is to provide priority to routing protocol packets and other important traffic control Layer 2 keepalives during periods of process level queue congestion.

Historically, on platforms such as the Cisco 7x00 and non-Cisco Express Forwarding (CEF) 7500 systems, significant numbers of transit packets were forwarded by the Route Processor in order to populate the fast switching cache. Consequently, SPD was required in this case to prioritize the routing protocol packets over the transit packets which share the same queue.

Currently, on the Cisco 12000 Series Internet Router and on the 7500 running CEF, only traffic destined to the router itself is sent to process level. In this case, SPD is used to prioritize routing protocol packets when management traffic such as Simple Network Management Protocol (SNMP) is present or when a Denial of Service (DoS) attack sending traffic to the RP is occurring.
The SPD Process

On the Cisco 12000 Series, when a line card determines that an incoming packet needs to be punted to the RP for processing, the packet travels across the switch fabric as Cisco Cells and is eventually received by the Cisco Cell Segmentation and Reassembly (CSAR) Field Programmable Gate Array (FPGA).

Its purpose is to handle the traffic between the switch fabric and the RP CPU, and this is where the SPD checks are performed. This applies to IP packets, Connectionless Network Service (CLNS) packets, Layer 2 keepalives, and similar packets punted to the RP. SPD makes two checks and can potentially drop a packet in one of these two states:

   SPD state check

   Input queue check

SPD State Check

The IP process queue on the RP is divided into two parts: a general packet queue and a priority queue. Packets put in the general packet queue are subject to the SPD state check, and those that are put in the priority queue are not. Packets that qualify for the priority packet queue are high priority packets such as those of IP precedence 6 or 7 and should never be dropped. The non-qualifiers, however, can be dropped here depending on the length of the general packet queue depending on the SPD state. The general packet queue can be in three states and, as such, the low priority packets may be serviced differently:

   NORMAL: queue size <= min

   RANDOM DROP: min <= queue size <= max

   FULL DROP: max <= queue size

In the NORMAL state, we never drop well-formed and malformed packets.

In the RANDOM DROP state, we randomly drop well-formed packets. If aggressive mode is configured, we drop all malformed packets; otherwise, we treat them as well-formed packets.

Note: These random drops are called SPD flushes. Basically, when the interface gets overloaded, flushes occur. Buffer misses cause the flush counter to increment.

In FULL DROP state, we drop all well-formed and malformed packets. These minimum (default 73) and maximum (default 74) values are derived from the smallest hold-queue on the chassis, but can be overridden with the global commands ip spd queue min-threshold and ip spd queue max-threshold.
Aggressive Mode

SPD can be configured for two different modes: normal (default) and aggressive. The only difference between the two is how the router accounts for invalid IP packets (invalid checksum, incorrect version, incorrect header length, incorrect packet length). Malformed IP packets are dropped by SPD when we are in aggessive mode and in the Random drop state. Aggressive mode can be configured using the ip spd mode aggressive command.

Note: Aggressive mode is not implemented on the Cisco 12000 Series Internet Router since malformed IP packets are dropped directly by the ingress line card, and these packets are not punted to the Gigabit Route Processor (GRP). As a result, aggressive mode is not needed on this particular platform.

Samker's Computer Forum -

Selective packet discard
« on: 01. November 2012., 06:46:57 »


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising