cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3424
Views
0
Helpful
6
Replies

high cpu load after switching on SSH

ROLAND CUNZ
Level 1
Level 1

Hi all

10 days ago I configured SSH on a 2610XM with IOS 12.3(16) IPsec 3DES feature set. Since then I recognize high cpu load (sometimes 100%) on that router.

Is someone there who can give me a hint?

Thanks in advance

Roland

1 Accepted Solution

Accepted Solutions

Hi

Can u pls try upgrading the ios code to any of the following one and check ?

12.3(16.11), 12.4(4.9), 12.4(4.9)T, 12.3(16a)

i did see some bugs mentioned for 12.3(16) related to memory leak ,Spurious Memory ,High CPU usage..

http://cisco.com/cgi-bin/Software/Iosplanner/Planner-tool/printsa.pl?get_crypto=&data_from=&hardware_name=2610XM-2611XM&software_name=&release_name=12.3.16&majorRel=12.3&state=:HW:RL&type=Limited%20Deployment&file=12.3.16.c.html

regds

View solution in original post

6 Replies 6

spremkumar
Level 9
Level 9

Hi

Would suggest to check out which process exactly hogs up the system.

you can make use of show process cpu command to check the same or show process cpu sorted will give u refined o/p.

also refer these links to know more on the same..

http://www.cisco.com/warp/public/63/highcpu.html

http://www.cisco.com/warp/public/63/showproc_cpu.html

regds

Hi

thanks for your answer. I checked the show process cpu already. But I forgot to post the result. Sorry. It's the SSH process which is the top process in the list. If I disable ssh the load goes to a normal value (approx. 30%).

regards

Roland

Hi

Can u pls try upgrading the ios code to any of the following one and check ?

12.3(16.11), 12.4(4.9), 12.4(4.9)T, 12.3(16a)

i did see some bugs mentioned for 12.3(16) related to memory leak ,Spurious Memory ,High CPU usage..

http://cisco.com/cgi-bin/Software/Iosplanner/Planner-tool/printsa.pl?get_crypto=&data_from=&hardware_name=2610XM-2611XM&software_name=&release_name=12.3.16&majorRel=12.3&state=:HW:RL&type=Limited%20Deployment&file=12.3.16.c.html

regds

Hi

I've made the upgrade on that router to 12.3(16a) and now the load decreased rapidly. Obviously there is a bug in the other release.

Thanks for your hint.

Roland

Hello Roland,

you might be dealing with SSH port scans, try and restrict SSH access as much as possible, by using an access list on the external facing interface on your router:

access-list 101 permit tcp host 10.10.10.1 host 192.168.1.1 eq 22

This example would allow SSH connections only between the two hosts specified.

HTH,

GP

This would deny SSH for all connections

Hi

thanks for your hint. You are right. But there is a ACL already in place.

regards

Roland