cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
716
Views
0
Helpful
1
Replies

CPU Load Cisco ASA 5510 V. 8.4(4).1

Hi everyone!

Currently, we are monitoring a Cisco ASA which is running Software version 8.4(4).1. It is showing high cpu load (reaching 90%) at some hours, and our client (who is the owner) has asked us to troubleshoot this issue, since this is not a normal operating condition for the ASA.

We have checked over many forums and documents about "high cpu related to Dispatch Unit process", but we still don't know where to begin, and what steps we could recommend to our client. (We have only asked him to disable dns-guard, but it didn't help)

I have uploaded an archive, where I have extracted these outputs:

show processes cpu-usage sorted non-zero

show memory

show service-policy global

show interface

show run threat

And also I add this info from the running-config:

policy-map type inspect dns preset_dns_map

parameters  

  message-length maximum client auto

  message-length maximum 512

  no dns-guard

policy-map global_policy

class inspection_default

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect rsh

  inspect rtsp

  inspect esmtp

  inspect sqlnet

  inspect skinny 

  inspect sunrpc

  inspect xdmcp

  inspect sip 

  inspect netbios

  inspect tftp

  inspect ip-options

  inspect dns preset_dns_map

I would appreciate any recommendations.

Thanks

Fabio.

1 Reply 1

Ajay Saini
Cisco Employee
Cisco Employee

Hi,

Looks like high traffic/traffic bursts is causing high cpu on this ASA as suggested by show cpu and interface overruns.

Deeper investigation will be needed here, I would suggest opening a TAC case.

-

AJ

Review Cisco Networking for a $25 gift card