06-29-2010 08:48 AM - edited 03-04-2019 08:55 AM
Hi all,
My core switch is choking with high CPU frequently.
There is no routing protocal configured just Static toutes are configured and one PBR.
Request you to help me to resolve this.
Please check the attached logs for reference.
06-30-2010 08:39 AM
Hello,
I see from your outputs that the process consuming the CPU cycles is K2FibFlowCache flow which is the PBR cache management process.
1. What is the frequency and duration of the CPU spikes? Do they appear when the traffic rate is high?
2. How complex the route-map and the ACL for PBR is?
Regards.
07-01-2010 06:24 AM
Hi Jorge,
Thq for your reply...I agree with you the issue is because of PBR but the PBR was thr since long time i mean 2 to 3 years we didn't find this kind of issue before.we are noticing since 2 months only.
1. No it will go up in non peak hours also.And it will be for some 30 minutes once we reboot the one of the connected switch(Servers connected) then the CPU will go down.
2.
4507R#sh access-list Vlan192
Extended IP access list Vlan192
10 deny ip x.x.x.x 0.0.255.255 x.x.x.x 0.0.0.255 (1301 matches)
20 deny ip x.x.x.x 0.0.255.255 x.x.x.x 0.0.0.255 (195 matches)
30 deny ip x.x.x.x 0.0.255.255 x.x.x.x 0.255.255.255 (2903927 matches)
40 deny ip x.x.x.x 0.0.255.255 x.x.x.x 0.0.255.255 (58150022 matches)
50 permit ip x.x.x.x 0.0.255.255 any (7397 matches)
4507R#
4507R#
4507R#sh access-list Vlan16
Extended IP access list Vlan16
10 deny ip x.x.x.x 0.0.255.255 x.x.x.x 0.0.0.255
20 deny ip x.x.x.x 0.0.255.255 x.x.x.x 0.0.0.255
30 deny ip x.x.x.x 0.0.255.255 x.x.x.x 0.255.255.255
40 deny ip x.x.x.x 0.0.255.255 x.x.x.x 0.0.255.255
50 permit ip x.x.x.x 0.0.255.255 any
4507R#
4507R#sh route-map
route-map internet, permit, sequence 10
Match clauses:
ip address (access-lists): Vlan192
Set clauses:
ip next-hop x.x.x.x
Policy routing matches: 7397 packets, 4510260 bytes
route-map simplex, permit, sequence 11
Match clauses:
ip address (access-lists): Vlan16
Set clauses:
ip next-hop x.x.x.x
Policy routing matches: 0 packets, 0 bytes
4507R#
07-01-2010 10:08 PM
Hi
Configure ip flow-top-talkers
in core switch, it helps identify from which ip your getting more traffic.
After that shutdown that server and check for some time your facing same issue or not .
Link for configuration
Regards
Ram
07-02-2010 02:00 AM
Hi Prasad,
Thq for your reply.
My Switch dosen't support this command.It is running IOS Version 12.2(25)EWA8 and i can't update the IOS for this.
07-03-2010 09:13 PM
Hi ,
Please send show processes cpu output.
Regards
Ram
07-06-2010 01:40 AM
Hi Ram,
The logs are already attached.
please check.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: