04-28-2010 04:20 AM - edited 03-04-2019 08:18 AM
Hello,
I have configured VLAN300 through 3 switches:
customer--C2960 - C7600 - C6500--customer
As it can be seen customer is connected via Ethernet(VLAN300).Customers has multicast traffic and on both sides sender and receivers.
I don't have multicast enabled on my switches, and regarding multicast configuration is default on all devices.
Problem starts when I configure Interface VLAN 300 on C7600, then sh proc cpu shows 100%/98% (which indicates that packets goes to CPU).
on C2960 and C6500 CPu utilisation is normal 3%.
I sniffed the traffic and packets are (50Mbps in each direction):
src IP: 10.10.10.101 port UDP 49152 dst IP: 239.10.100.110 port UDP 2001
and
src IP: 192.168.100.100 port UDP 4915 dst IP: 239.10.100.111 port UDP 1234
TTLs are 64, and also all checksums are correct.
when I put interface VLAN300 to shutdown, CPU utilisation on C7600 goes to 3%.
interface vlan300 doesn't have ip address, I was planning to use it just for policinig (to rate limit traffic on VLAN 300 - mls qos vlan-based)
C7600 has sup720BXL and IOS 12.2(18)SXF.
Why CPU utilisation goes to 100% when I just create interface VLAN, even without IP address?
Thanks in advance,
A.
04-28-2010 07:33 AM
If you configure multicast on a Vlan and you don't have PIM configured on any of the SVI, the IGMP Snooping service on switches won't work as designed.
In order to prevent this problem, you need a device with IGMP Snooping Querier configured on that Vlan and this device must have a SVI with an IP address assigned, in your case it can be the 7600 router.
Your issue is that when enabling the SVI - even without an IP address - unknown multicast/broadcast packets are being punted to the CPU.
For configuring IGMP Snooping Querier, please refer to the documentation:
Regards
Edison
04-28-2010 09:59 AM
Thank you very much Edison.
Thing is that I provided layer 2 connectivity to the customer, and I didn't know what type of traffic he is going to run through this VLAN.
I only noticed that CPU utilisation was high if I created interface VLAN.
So if C7600 detects multicast traffic in i.e. VLAN 10 and has configured interface VLAN 10 this traffic will be punted to CPU.
Can I avoid this behavior on C7600 (somehow to disable multicast on this VLAN)?
Since I don't want to interfere in customer's multicast traffic, I would like to avoid configuring "IGMP Snooping Querier".
Is there some other way or I must remove "interface VLAN 10"?
reagrds,
A
04-28-2010 10:04 AM
If Vlan 10 has an IP address the punting will be minimal but ideally you need to have a querier on a L3 SVI or just enabling PIM on the interface.
Regards
Edison.
04-29-2010 01:12 AM
Hi Edison,
I tried all 3 solutions which you had suggested but CPU utilisation doesn't drop below 80%-90%.
I tried:
1) adding IP address on interface VLAN10
2) adding IP address on Interface VLAN 10 and enabling PIM on that interface
router(config-if)#ip pim sparse-mode
WARNING: "ip multicast-routing" is not configured,
IP Multicast packets will not be forwarded
3) adding IP address and enabling IP snooping querirer
Regards,
A
04-29-2010 02:00 PM
On the 2nd option, did you enable multicast-routing? You need to do so in order for PIM to work.
It seems like you are being affected by a software bug so I recommend opening a TAC case to verify if that's the case.
Regards
Edison
04-30-2010 04:21 AM
I didn't enable multicast globaly. I don't know how would it affect other traffic since
this router is in production.
Thanks for advice Edison.
Regrads,
A
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide