The Netvisor OS CPU Control Packet Processing Protection feature allows the CPU control packet processing path be protected against misbehaving and malicious hosts or end-points that may flood control protocol packets. This is also called “CPU hog protection”.

If a host floods a control protocol packet, it floods the to-cpu queue. This prevents lower-rate packets from valid senders from reaching Netvisor, resulting in traffic loss for those hosts. Typically a traffic loss occurs for other hosts on the network. Netvisor can process large streams of both valid and malformed protocol packets for various protocols.

Syntax   cpu-class-settings-show


hog-checker-interval hog-checker-interval-number (ms)

Specify the hog checking interval in milliseconds. 

hog-max-hosts-per-class hog-max-hosts-per-class-number

Specify the maximum number of active hosts tracked per CPU class.

hog-max-violators-per-port hog-max-violators-per-port-number

Specify the maximum number of hog violators per port.

Specify the hog warning threshold.

hog-violator-timeout hog-violator-timeout-number (s)

Specify the timeout before restoring the hog violator to normal queue after an idle state.

Formatting Options

(show commands only)

format fields-to-display

Display output using a specific parameter. Use all to display all possible output.

parsable-delim character

Display output formatted for machine parsing using a specified delimiter.


Display output in ascending order.


Display output in descending order.

show dups

Display duplicate entries in the output.

layout vertical|horizontal

Format the output in a vertical or horizontal layout.

show-interval seconds-interval

Repeat the show command at a specified interval.


Display column headers or not.

limit-output number

Limit the display output to a specific number of entries.


Display the number of entries in the output. This is useful with vRouter show commands.


Display full values in the output instead of scaled approximate values.


Display integer values instead of mapped values


Aggregate output by specific parameters. If sum-by fields are specified, records that have the same value in sum-by fields are combined and displayed as one aggregate record. NOTE: This option is only available for show commands that collect statistics such as connection-stats-show.

Defaults   None

Access   Network Administrator

History   Command introduced in Version 2.6.0.

Usage   Use this command to display statistic settings for CPU hog protection.

Examples  To display statistic settings for CPU hog protection, use the following syntax:

CLI network-admin@switch > cpu-class-settings-show

switch:                     Spine01

hog-checker-interval(ms):   100

hog-max-hosts-per-class:    500

hog-max-violators-per-port: 50

hog-warning-threshold:      5

hog-violator-timeout(s):    20

