10-06-2011 10:59 AM - edited 03-07-2019 02:39 AM
hi,
I'm facing a cpu load issue on cisco 2811.
you can see the configuration, there is nothing extra exhausting for the cpu.
Each time the traffic start to increase, the cpu load increase to 80 or 90% to reach 100%
each time a user start a download on for exemple fa0/1.50 the cpu increase up to 90%
In the sh process cpu sorted, there is nothing showing that something is wrong.
sh proc cpu sort | excl 0.00
CPU utilization for five seconds: 84%/75%; one minute: 74%; five minutes: 49%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
111 131960796 143316176 920 4.59% 4.71% 4.39% 0 IP Input
177 1767464 342056427 5 0.98% 1.18% 1.19% 0 HQF Shaper Backg
19 8909968 23942550 372 0.65% 0.57% 0.57% 0 ARP Input
304 575244 44231492 13 0.32% 0.32% 0.32% 0 PPP manager
305 407260 44473628 9 0.24% 0.19% 0.18% 0 PPP Events
268 5208776 20651063 252 0.24% 0.07% 0.08% 0 CCP manager
2 124544 286211 435 0.16% 0.16% 0.10% 0 Load Meter
152 14188 54467 260 0.16% 0.06% 0.02% 0 TCP Protocols
300 499012 3859685 129 0.16% 0.16% 0.12% 0 IP NAT Ager
211 37756 28283 1334 0.16% 0.03% 0.05% 0 Crypto Support
110 251624 43851348 5 0.16% 0.14% 0.14% 0 IP ARP Retry Age
104 252316 43851416 5 0.16% 0.15% 0.16% 0 ACCT Periodic Pr
42 837160 1446317 578 0.16% 0.16% 0.14% 0 Per-Second Jobs
145 176976 2185576 80 0.08% 0.08% 0.08% 0 CEF: IPv4 proces
----------------------
CEF is enable on all interface
ICMP unreachables are always sent on all interface
I think but not sure Trunk with Dot1q interface are not support in CEF
and I think is a switching problem
---------------------
fa/0/0 is my outgoing interface:
FastEthernet0/0 is up, line protocol is up
Internet address is x.x.x.x/26
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are never sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF, Full Flow
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is enabled, interface in domain outside
BGP Policy Mapping is disabled
Input features: Stateful Inspection, Ingress-NetFlow, Virtual Fragment Reassembly, IPSec input classification, NAT Outside, MCI Check
Output features: CCE Output Classification, Post-routing NAT Outside, Stateful Inspection, IPSec output classification, Firewall (NAT), Firewall (inspect), Post-Ingress-NetFlow, IPSec: to crypto engine, Post-encryption output features
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
---------------
interface FastEthernet0/0
description WAN-INTERNET
mac-address 0020.40ff.f184
ip address x.x.x.x. 255.255.255.192
no ip redirects
ip flow ingress
ip nat outside
ip virtual-reassembly
load-interval 30
duplex auto
speed auto
crypto map vpnmap
------------------------------
Fa0/1 is a trunk interface with 10 subinterface.
FastEthernet0/1.150 is up, line protocol is up
Internet address is x.x.x.x/23
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are never sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is enabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF, Full Flow
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is enabled, interface in domain inside
BGP Policy Mapping is disabled
Input features: Stateful Inspection, Ingress-NetFlow, Virtual Fragment Reassembly, MCI Check
Output features: NAT Inside, Stateful Inspection, Firewall (NAT), Firewall (inspect), Post-Ingress-NetFlow
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
-----------
interface FastEthernet0/1.150
description LB-MGMT
encapsulation dot1Q 150
ip address x.x.x.x 255.255.254.0
no ip redirects
ip flow ingress
ip nat inside
ip virtual-reassembly
--------------
Any idea how this issue can be resolved
Thanks
Pascal
10-12-2011 06:15 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
A 2811 is a software based router, so as you push traffic through it the CPU has to process it. I.e. as traffic throughput increase so does CPU load.
Most of the ISRs are oriented for WAN routing, not LAN routing. The difference being, WAN routing often works with lower bandwidth links than typically found on a LAN. I recall (?) Cisco's recommendation for the 2811 was no more than dual T1s. (I've seen a 2811 on a full T3 max its CPU out at about 20 Mbps, duplex.)
Since you're using FastE interface, how much bandwidth are you pushing through the 2811 when you see the CPU load you've documented?
10-12-2011 06:39 AM
Hi Joseph,
Thanks for your answer,
Not more than 15Mb and the cpu increase, maybe I should put a 3750 behind for the lan routing and let the 2811 do wan routing only.
Or maybe a 1941/2901 should do the job or put a 1811,
1811 will do more throughput than the 2811 in the real world because of its much more powerfull processor.
Pascal.
10-12-2011 11:31 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
For small LANs with WANs, I often suggest a small L3 switch and a WAN router.
If you're seeing this high CPU at only 15 Mbps, might also be due to other sevices. Looks to me you might also being doing NAT and VPN.(?)
As to relative performances of the routers you've noted, Cisco lists their performance as:
1811 70 Kpps
2811 120 Kpps
1941 299 Kpps
2901 327 Kpps
10-12-2011 11:56 AM
Yes
Other service like VPN and NAT are running.
I'm looking for 1941/2901 , I have around 150pc behind and 20 server or put 3750G behind and keep my 2811
10-12-2011 12:35 PM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
The 3750G will only really help if it keeps some traffic from needing to go to the 2811. If all your 150 PCs and 20 servers on the same subnet, traffic between them doesn't need to be routed. If they are on different subnets, then a 3750G should support much, much more throughput among them.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide