I have a working configuration for PBR on a 6500 running 12.2.33SXH8b.
PBR is applied to an SVI interface.
Like I said, PBR works exactly as I want it to. The thing is when I start adding more traffic to the PBR (only 3 route-map classes) at some point CPU goes to 90+% and we start losing traffic. I was under the impression that in this version hardware-assisted PBR was supported and I shouldn't be seeing this behavior with the CPU.
PBR is hardware switched usually but it sounds like packets are being sent to the main CPU for forwarding which could cause the increase in CPU usage.
There are a number of possible causes for this -
1) PBR commands that send traffic to the CPU (not sure how applicable this is to 6500)
2) incompatible features on the L3 interface
3) TCAM limits
can't think of anything else at the moment.
There is a very good document for examining and troubleshooting TCAM issues here -
I'll have a quick check of your IOS version and post back if I find any PBR commands that cause packets to software switched.
Thanks a lot, Jon.
On the URL you provided, for restrictions it says:
–To avoid high CPU utilization, do not configure an address in the same subnet as the next hop.
If they mean, do not configure that address on the same interface where the PBR is applied, then that is my case exactly. The SVI where PBR is applied has an address from same subnet as the nexthop.
Will report back as soon as we can give this one a try.
Thank you very much!
Just reporting back. Avoiding what I mentioned in the last post did help a lot, Instead of 90% and above, we're now around 70%, but I still think that I much too high.
Will keep looking.
Do you know if this command has any negative effect on a 6500 (like a reload)? Can't find it in command reference.
platform ipv4 pbr optimize tcam
Sorry, never used that command.
I doubt it would reload automatically although it may take a reload to take effect.
Or it a be able to do it dynamically.
But I can't guarantee anything.
Just checked the configuration guide and there are a few things that would cause PBR traffic to be software switched.
See this link for details -