Version: NE40E&80E V300R002C06B325
Users on an NE40E had low E-Line service access speed. The delay of pinging the gateway from NE40E was large.The CPU usage of the service board in slot 1 on NE40E reached 93%. The top two tasks that had high CPU usage were VPR and COCK.
Ran the efu qos cp-car cnt_show 1 clear command in diagnosis mode to query the packets discarded by the CP CAR.
Excp ID : Green : Yellow : Red
9 P : 0x00000899c 0x00053e 0x000052a6
B: 0x0001d08c8 0x011b4c 0x00116f90
Configure a policy for the CP-CAR to deny IPV4_TCP packets and permit FTP packets.
acl number 3200--------Permit FTP packets and deny IPV4_TCP packets
rule 5 permit tcp source-port eq ftp-data
rule 10 permit tcp destination-port eq ftp-data
rule 15 deny tcp
traffic classifier acl3200 operator or
if-match acl 3200
traffic behavior acl3200
traffic policy acl3200
classifier acl3200 behavior acl3200
cpcar slot 1 ipv4-tcp----Apply the policy
High CPU usage on a service board is often caused by attacks. It is recommended to change CP-CAR to protect the CPU.Run the efu qos cp-car cnt_show 1 clear command to identify the attack.