Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
517
Views
0
Helpful
2
Replies

SG550:CPU 100% when source and destination subnets are the same

redgasgiant
Level 1
Level 1

‎03-28-2023 10:24 AM

https://bst.cisco.com/bugsearch/bug/CSCvq89982)

I'm being affected by this issue. CPU is pegged. Support is saying to make a new /30 subnet or vlan to pass the traffic to the firewall. We want to make the least amount of changes possible. 

We have 1 route on our core right now. 0.0.0.0 to 10.1.10.100 (firewall)   

Can this be solved with a routing something like: 

0.0.0.0 to 10.250.1.0 

10.250.1.0 to 10.1.10.100  ? 

 

 

Labels:
0 Helpful
2 Replies 2

Flavio Miranda
VIP
VIP

‎03-28-2023 10:56 AM

Hi

 you need to explain your environment better.  which role does the SG550 represent? Is it your core?

Why do you need a route where the source and the destination are the same?

If you need to send a traffic toward the firewall using a route, you need to do this

ip route "source traffic " "firewall´s IP"

Let´s say your network is 10.250.1.0 then do this

ip route 10.250.1.0 255.255.255.0 10.1.10.100 (not sure which mask  you use)

This way all traffic comming from 10.250.1.0 will be sending to the Firewall.

0 Helpful

redgasgiant
Level 1
Level 1
In response to Flavio Miranda

‎03-28-2023 11:03 AM

Hi Flavio, 

Sorry yes, SG550 is our Core.

And the bug says that we need to eliminate our current route that is making the source and destination the same subnet. 

So because of the bug we are being told we need a "dummy" vlan or subnet to bounce the traffic off of before it goes to firewall. 

0 Helpful
Customers Also Viewed These Support Documents