11-07-2012 01:39 PM - edited 03-04-2019 06:04 PM
For what "crypto sw pk pro" process is used?
Solved! Go to Solution.
11-07-2012 01:49 PM
HI,
As per my knowledge:
may be this u have seen while high cpu utlization :
When there is no hardware encryption module installed in the device, then all encrypted traffic coming through the device will have to be encrypted by the software. This is very CPU intensive. It is not recommend to use software encryption for any encryption deployment with a reasonable throughput requirement. One option to resolve this issue is to reduce the volume of encrypted traffic (re-route traffic or limit the flows that are encrypted). However, the best way to address this issue is to get a Hardware Encryption module installed for this device which eliminates the need for encryption to take place through the software.
Note: The enabling of crypto maps on Tunnel/Physical interfaces is a memory consumption process and can cause an increase in CPU.
If you are using SSH as a transport protocol for Telnet (VTY) lines, the RSA key will be generated every hour and you can experience hourly cpu spikes for the process 'crypto sw pk pro'.
Reagrds
Please rate if it helps.
11-07-2012 01:49 PM
HI,
As per my knowledge:
may be this u have seen while high cpu utlization :
When there is no hardware encryption module installed in the device, then all encrypted traffic coming through the device will have to be encrypted by the software. This is very CPU intensive. It is not recommend to use software encryption for any encryption deployment with a reasonable throughput requirement. One option to resolve this issue is to reduce the volume of encrypted traffic (re-route traffic or limit the flows that are encrypted). However, the best way to address this issue is to get a Hardware Encryption module installed for this device which eliminates the need for encryption to take place through the software.
Note: The enabling of crypto maps on Tunnel/Physical interfaces is a memory consumption process and can cause an increase in CPU.
If you are using SSH as a transport protocol for Telnet (VTY) lines, the RSA key will be generated every hour and you can experience hourly cpu spikes for the process 'crypto sw pk pro'.
Reagrds
Please rate if it helps.
07-06-2016 07:36 PM
I have no any encryption in my network.
How should I do?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: