cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4504
Views
10
Helpful
2
Replies

crypto sw pk pro

Shahab Khan
Level 1
Level 1

For what "crypto sw pk pro" process is used?

1 Accepted Solution

Accepted Solutions

Sandeep Choudhary
VIP Alumni
VIP Alumni

HI,

As per my knowledge:

may be this u have seen while high cpu utlization :

High CPU due to Software Encryption

When there is no hardware encryption module installed in the device, then all encrypted traffic coming through the device will have to be encrypted by the software. This is very CPU intensive. It is not recommend to use software encryption for any encryption deployment with a reasonable throughput requirement. One option to resolve this issue is to reduce the volume of encrypted traffic (re-route traffic or limit the flows that are encrypted). However, the best way to address this issue is to get a Hardware Encryption module installed for this device which eliminates the need for encryption to take place through the software.

Note: The enabling of crypto maps on Tunnel/Physical interfaces is a memory consumption process and can cause an increase in CPU.

If you are using SSH as a transport protocol for Telnet (VTY) lines, the RSA key will be generated every hour and you can experience hourly cpu spikes for the process 'crypto sw pk pro'.

Reagrds

Please rate if it helps.

View solution in original post

2 Replies 2

Sandeep Choudhary
VIP Alumni
VIP Alumni

HI,

As per my knowledge:

may be this u have seen while high cpu utlization :

High CPU due to Software Encryption

When there is no hardware encryption module installed in the device, then all encrypted traffic coming through the device will have to be encrypted by the software. This is very CPU intensive. It is not recommend to use software encryption for any encryption deployment with a reasonable throughput requirement. One option to resolve this issue is to reduce the volume of encrypted traffic (re-route traffic or limit the flows that are encrypted). However, the best way to address this issue is to get a Hardware Encryption module installed for this device which eliminates the need for encryption to take place through the software.

Note: The enabling of crypto maps on Tunnel/Physical interfaces is a memory consumption process and can cause an increase in CPU.

If you are using SSH as a transport protocol for Telnet (VTY) lines, the RSA key will be generated every hour and you can experience hourly cpu spikes for the process 'crypto sw pk pro'.

Reagrds

Please rate if it helps.

I have no any encryption in my network.

How should I do?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: