07-10-2014 04:44 AM - edited 03-07-2019 08:00 PM
Dear All,
We have a stack of two 3750x switches.
IOS 15.0.2SE02
Looking at the CPU usage I found the following:
      578757975788577757767778668976766875799875699986676777676887766766795086
      655962145612706544336550879201862386685399919920809060899282596444499009
  100                                      **     **                     * *
   90   *   *                   **         **    ***            *        * *
   80  ***  *  ***  **    ****  **  *  ** *****  ****     *  * ** *      * *
   70  *** *** *** *** ** ********* ** ** ***** ***** ****************  ** *
   60 **************** *****************************************************
   50 **********************************************************************
   40 **********************************************************************
   30 ######################################################################
   20 ######################################################################
   10 ######################################################################
     0....5....1....1....2....2....3....3....4....4....5....5....6....6....7..
               0    5    0    5    0    5    0    5    0    5    0    5    0
                   CPU% per hour (last 72 hours)
In order to find the spikes origin I configured a simple event monitor and found the following:
CPU utilization for five seconds: 75%/0%; one minute: 35%; five minutes: 33%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
40 4570503 276760 16514 45.28% 3.62% 0.75% 0 crypto sw pk pro
178 1232406781 146765075 8397 19.20% 19.84% 19.83% 0 Hulc LED Process
For what I know the Hulk process is normal on stacks. When I insert a simple "show run" or a "write" the CPU spikes but I read that it is normal and do not affect the switching process.
"crypto sw pk pro" looks to be related to ssh but on our configuration there is nothing related to encryption and ssh access to vty is disabled:
line vty 0 4
 logging synchronous
 login local
 transport input telnet
line vty 5 15
 logging synchronous
 login local
 transport input telnet
!
Have you any idea?
thanks,
Paolo
Solved! Go to Solution.
07-10-2014 05:15 AM
Kindly try IOS version 15.0(2)SE4.
07-10-2014 05:28 AM
I wouldn't touch 15.0(2)SE6 even if my life depended on it. It's as buggy as he11.
The MOST STABLE IOS for the 3750-series of switches is 12.2(55)SE8 or SE9. This is closely followed by 15.0(2)SE4.
The rest of the IOS published ... let's just say I tested them all ... only for a few minutes before I had to quickly and urgently roll back.  
07-10-2014 05:15 AM
Kindly try IOS version 15.0(2)SE4.
07-10-2014 05:19 AM
What about SE6 ?
07-10-2014 05:28 AM
I wouldn't touch 15.0(2)SE6 even if my life depended on it. It's as buggy as he11.
The MOST STABLE IOS for the 3750-series of switches is 12.2(55)SE8 or SE9. This is closely followed by 15.0(2)SE4.
The rest of the IOS published ... let's just say I tested them all ... only for a few minutes before I had to quickly and urgently roll back.  
07-11-2014 05:00 AM
One more question.
Checking on the download area the SE6 has a "star". The star means that this release is suggested by Cisco for its quality, stability and longevity.
For your experience, why should Cisco suggest this IOS if it's buggy?
The bug toolkit doesn't if you don't have a quality system used to test it... We have just the production stack.
Paolo
07-11-2014 04:01 PM
Because Cisco cannot test all their IOS versions with all scenarios. The factors are just overwhelming.
They just pick an IOS and test it and make changes until it's "stable". Might be stable in one network scenario but could by a psychopath in another.
07-10-2014 03:33 PM
Thanks for taking the time to rate our posts. :)
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide