ASA 5520 CPU usage high

Md.Mosharof Hossain · ‎12-04-2013

Hi,

Our peri firewall cpu usgae is very high. please find the output log and help.

PeriFW-01# sh processes cpu-usage sorted

PC Thread 5Sec 1Min 5Min Process

081aa5f9 c8daf870 96.0% 95.5% 95.6% Dispatch Unit

08b3709e c8da0c30 2.5% 2.6% 2.5% SNMP Notify Thread

08191128 c8da5508 0.5% 0.5% 0.5% tmatch compile thread

0927f1ea c8daa9b0 0.2% 0.1% 0.1% Checkheaps

08b13d95 c8da9210 0.2% 0.2% 0.2% Logger

08b9ac8c c8d966d0 0.1% 0.1% 0.1% ssh

083c1452 c8da21d8 0.0% 0.0% 0.0% fover_health_monitoring_thread

083db19b c8da29b8 0.0% 0.0% 0.0% fover_ip

08054f3c c8dafc60 0.0% 0.0% 0.0% block_diag

083ae5b5 c8daf480 0.0% 0.0% 0.0% CF OIR

08a1f8b0 c8daf288 0.0% 0.0% 0.0% lina_int

08068755 c8daeca0 0.0% 0.0% 0.0% Reload Control Thread

080705a6 c8daeaa8 0.0% 0.0% 0.0% aaa

08b5a75b c8dae6b8 0.0% 0.0% 0.0% Boot Message Proxy Process

080a0f36 c8dae4c0 0.0% 0.0% 0.0% CMGR Server Process

080a1445 c8dae2c8 0.0% 0.0% 0.0% CMGR Timer Process

081a974c c8dad8f0 0.0% 0.0% 0.0% dbgtrace

0843b0fc c8dad110 0.0% 0.0% 0.0% 557mcfix

0843af1e c8dacf18 0.0% 0.0% 0.0% 557statspoll

08c2bb4d c8dabd60 0.0% 0.0% 0.0% netfs_thread_init

09250e05 c8dab388 0.0% 0.0% 0.0% Chunk Manager

088b480e c8dab190 0.0% 0.0% 0.0% PIX Garbage Collector

088a7cb4 c8daaf98 0.0% 0.0% 0.0% IP Address Assign

08a6e896 c8daada0 0.0% 0.0% 0.0% QoS Support Module

0892250f c8daaba8 0.0% 0.0% 0.0% Client Update Task

08a72385 c8daa3c8 0.0% 0.0% 0.0% Quack process

PeriFW-01# sh ver

Cisco Adaptive Security Appliance Software Version 8.2(1)

Device Manager Version 6.2(1)

Compiled on Tue 05-May-09 22:45 by builders

System image file is "disk0:/asa821-k8.bin"

Config file at boot was "startup-config"

PeriFW-01 up 2 days 17 hours

failover cluster up 2 days 17 hours

Hardware: ASA5520, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz

Internal ATA Compact Flash, 256MB

BIOS Flash M50FW080 @ 0xffe00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)

Boot microcode : CN1000-MC-BOOT-2.00

SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03

IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04

0: Ext: GigabitEthernet0/0 : address is 0025.84fc.e984, irq 9

1: Ext: GigabitEthernet0/1 : address is 0025.84fc.e985, irq 9

2: Ext: GigabitEthernet0/2 : address is 0025.84fc.e986, irq 9

3: Ext: GigabitEthernet0/3 : address is 0025.84fc.e987, irq 9

4: Ext: Management0/0 : address is 0025.84fc.e988, irq 11

5: Int: Internal-Data0/0 : address is 0000.0001.0002, irq 11

6: Int: Internal-Control0/0 : address is 0000.0001.0001, irq 5

Licensed features for this platform:

Maximum Physical Interfaces : Unlimited

Maximum VLANs : 150

Inside Hosts : Unlimited

Failover : Active/Active

VPN-DES : Enabled

VPN-3DES-AES : Enabled

Security Contexts : 2

GTP/GPRS : Disabled

SSL VPN Peers : 2

Total VPN Peers : 750

Shared License : Disabled

AnyConnect for Mobile : Disabled

AnyConnect for Linksys phone : Disabled

AnyConnect Essentials : Disabled

Advanced Endpoint Assessment : Disabled

UC Phone Proxy Sessions : 2

Total UC Proxy Sessions : 2

Botnet Traffic Filter : Disabled

This platform has an ASA 5520 VPN Plus license.

narawat · ‎12-04-2013

Hi Md,

As per the logs dispatch unit is utilizing the max CPU, this process is related to traffic on ASA,

Get the following Outputs:

Please follow the following documents:

show process cpu-usage sorted non-zero

show tech

Cheers,

Naveen