This document disucsses on high CPU condition seen in Catalyst 6500 platforms due to IOS Server Load Balancing (SLB) feature.
Catalyst 6500 reporting high CPU due to interrupts and "IP Input" process.
C6K-A#show process cpu sorted | exclude 0.00
CPU utilization for five seconds: 98%/57%; one minute: 99%; five minutes: 97%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
227 816331652 12632718 4266 32.10% 31.69% 31.07% 0 IP Input
Troubleshooting and Symptoms:
The IOS SLB is configured with "nat server""
ip slb serverfarm TEST-FARM1
nat client POOL1
Switch do NOT have any sw-installed Netflow entries:
C6K-A#show mls netflow ip sw-installed
Displaying Netflow entries in Active Supervisor EARL in module 5
C6K-A#show mls netflow ip sw-installed module 1 <<=== Ingress DFC module Displaying Netflow entries in Active Supervisor EARL in module 1
SLB has active connections:
C6K-A#show ip slb connections
vserver prot client real state nat
------------------------------------------------------------------------------- VSERVER-NAME TCP <client-ip>:<port> <real-ip>:<port> <TCP-State> S,C <snip>
Root-Cause and Resolution:
When the client sends the traffic to virtual IP address, the load-balancer (in this case, IOS SLB) will NAT the traffic, as the real/physical severs are NOT aware of the virtual IP address.
Cat6500 with "nat server" configuration, the switch is NOT capable of creating hardware shortcuts. As a result, the traffic will be process/software switched. This is done by punting the traffic to the CPU and it can be verified by: (Here, 10.50.50.2 is IP address of a virtual server)
C6K-A#show tcam int vlan <client-vlan> acl in ip | inc 10.50.50.2 punt udp any host 10.50.50.2
redirect tcp any host 10.50.50.2 fragments
policy-route tcp any host 10.50.50.2 eq <port#> <snip>
To resolve this issue, it is recommended to configure IOS SLB in "Dispatched" mode.
hello,I had a problem updating C6880x. The currently running version is 15.2(1)sy5. The update attempt versions are 15.5(1)sy4 and 15.2(1)sy8.After updating, the 16p10G module is not recognized. The update method is as follows.1. copy disk0...
hey i tried for at least 5hours to make a connection beetween rip and ospf but i just doesnt work. i saw a youtube video and did exactly the same but idk what the problem is. Can someone please look at my pkz file. I tried to connect router 3 and rou...
Trying to find a 3D CAD model (.stp file is fine, any dumb solid model works) for WS-C3650 series of switches. Tech support basically said they couldn't help me and to contact a partner which was not very helpful, hoping someone here can point me in the r...
Hi all, I have 4 Cisco 2960x switches, 1 acting as a "core" with port channels to the other 3 distribution switches. 1 of the port channels is fiber and the other 2 are copper. On the interfaces of every distribution switch I have CRC and...