Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
573
Views
0
Helpful
2
Replies

Catalyst 2960L ARP Inspection causes High CPU on the SupV-10GE

Menelaos Sazos
Level 1
Level 1

‎06-19-2017 03:56 AM - last edited on ‎03-25-2019 04:44 PM by Community Manager

Hello!

I have a topology, in which Catalyst 2960L (IOS 15.2(5)E1) is connected to the Catalyst 4500-E (SupV-10GE IOS 15.0(2)SG11, WS-X4506-GB-T) using SFP ports and LACP configured on that link.

There're following cases:
- only DHCP Snooping is configured on the 2960L - network is operating ok;
- DHCP Snooping and DAI are configured on the 2960L - this makes neighboring SupV-10GE to have 100% CPU, caused by the process:
%CPU %CPU RunTimeMax Priority Average %CPU Total
Target Actual Target Actual Fg Bg 5Sec Min Hour CPU
K2L2 Address Table R 2.00 77.44 12 5 100 500 104 96 8 785:38

Does anyone have an idea what's going on?

Labels:
0 Helpful
2 Replies 2

Menelaos Sazos
Level 1
Level 1

‎06-22-2017 09:42 AM

Hello!

After doing some investigations with SPAN, I've figured out following: upon activating ARP Inspection, 2960L takes all the ARP Requests it received from the uplink port and replicates them back to that port for an unknown reason. Seems, that's done because this port is configured as "arp inspection trust" one.

Does anyone have an idea why the switch does this? I'm going to rise a TAC case on that.

0 Helpful

mosemberg
Level 1
Level 1
In response to Menelaos Sazos

‎03-09-2020 09:12 PM

you found the reason about that behaviour

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card