S8016 and NE40 are connected through GE.
Phenomenon: S8016 and NE40 cannot establish ISIS neighbor relation.
Check SOCK and VPR process with display cpu and they are high. It is caused by virus attack if they are high. Common means is to use access control and change leaky bucket. But most of attacked source/destination addresses are disordered. Using access control cannot accurately define data traffic. Change leaky bucket of the system to optimize. Change No 2 of interface board of S8016 (ARP Miss message ARP MISS information, request next-hop ARP) and No 3 (FIB Miss Message, FIB MISS information, it often occurs when scanning network segment. The sending triggers ARP request.). When the leaky bucket is 2K, ISIS neighbor relation can be established normally.
Note: Now there is attack of the device in the network. The attack will result in that the device cannot normally handle protocol packet and CPU is high. For such problem, check which process of CPU is high and which leaky bucket drops packet. Change the size of leaky bucket to optimize.
The protocol packet is not handled normally because of attack.