Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts with replies and give us your feedback.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2415
Views
0
Helpful
1
Replies

Significant interface input overrun errors .input error/ Interface input queue is full or almost full

AHMADJ
Level 1
Level 1

‎07-12-2019 07:03 AM

hi i am facing below issue on my wan tinterface and due to iput queue is fully utiliezed i facing hight cpu utilization in ip iput cpu,attaching output for below commands

 

Show tech

Show logging

show interfaces switching

 show ip interface 

show int stat

show stacks

show memory

show buffers input-interface <intx/x> packet 

 

 

Significant interface input overrun errors

Significant interface overrun errors
Affected Interfaces:

3399089266 input errors, 0 CRC, 0 frame, 3399089266 overrun, 0 ignored

 

Significant interface aggregate input errors
Affected Interfaces:
GigabitEthernet0/0 (67.6%)

3399089266 input errors, 0 CRC, 0 frame, 3399089266 overrun, 0 ignored

 

 


Interface input queue is full or almost full

Input queues are full or almost full on some interfaces, which could be triggered by a high packet rate or might be wedged due to a bug
Affected Interfaces:
GigabitEthernet0/0 

Input queue: 139/75/3091881350/115930058 (size/max/drops/flushes); Total output drops: 1959267289

sh tech.txt
0 Helpful
1 Reply 1

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎07-12-2019 07:25 AM

Hello Ahmad,

the following SW bug can apply to your router

 

CSCsi02145

 

Cisco IOS Software Virtual Routing and Forwarding ICMP Queue Wedge

 

A vulnerability within the virtual routing and forwarding (VRF) subsystem of Cisco IOS software could allow an unauthenticated, remote attacker to cause a denial of service (DoS)
condition.

The vulnerability is due to a failure to properly process malicious ICMP version 4 (ICMPv4) messages received on a VRF-enabled interface. An attacker could exploit this
vulnerability by submitting ICMPv4 messages designed to trigger the vulnerability on an affected device. When the ICMPv4 messages are processed, the packet queue of the
affected interface may not be cleared, leading to a queue wedge. When a wedge occurs, the affected device will stop processing any additional packets received on the wedged
interface.

 

see  the following security advice

 

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-wedge

 

You may need to update the IOS  to fix it.

 

Hope to help

Giuseppe

 

0 Helpful
Customers Also Viewed These Support Documents