cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1985
Views
0
Helpful
5
Replies

Cisco Switch high CPU - ARP Input

Hi all,

ich have two Access Switches - WS-C2960S-48TS-L 12.2(55)SE10, since some days i see high CPU.

These ar the Log entries:
.Oct 10 09:22:04.366: IP ARP: rcvd req src 172.18.12.214 9890.9699.5401, dst 172.18.1.50 Vlan1
.Oct 10 09:22:04.366: IP ARP: ignored gratuitous arp src 172.18.12.214 9890.9699.5401, dst 172.18.1.50 bcc4.9370.8840, interface Vlan1

there are src and dst from hundreds of ip addresses in the subnet 172.18.0.0/16

Any idea or recommendation for trobleshooting this?

Thank

Regards Marco

5 Replies 5

Leo Laohoo
Hall of Fame
Hall of Fame

Post the complete output to the command "sh proc cpu sort | ex 0.00".

Hi Leo,

SW-RZ1-2960S-018#sh proc cpu sort | ex 0.00
CPU utilization for five seconds: 99%/0%; one minute: 99%; five minutes: 99%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
10 1472311814 323935027 4545 87.79% 85.60% 85.52% 0 ARP Input
140 3611459203 376553553 9590 2.32% 2.95% 2.98% 0 Hulc LED Process
294 262 142 1845 0.68% 0.33% 0.07% 1 SSH Process
109 154717264 20013657 7730 0.68% 0.64% 0.64% 0 hpm counter proc
302 223693276 863296861 259 0.51% 0.57% 0.62% 0 IP SNMP
304 347388330 433361257 801 0.34% 1.02% 1.09% 0 SNMP ENGINE
180 73484467 551214419 133 0.25% 0.22% 0.23% 0 IP Input
149 43561877 4128806 10550 0.17% 0.18% 0.18% 0 HQM Stack Proces
71 9059944 92702930 97 0.08% 0.04% 0.03% 0 RedEarth Tx Mana
105 8621340 265917539 32 0.08% 0.06% 0.06% 0 hpm main process
195 7293948 21431300 340 0.08% 0.04% 0.05% 0 Spanning Tree
90 4312107 543604310 7 0.08% 0.04% 0.02% 0 HLFM address lea
33 5372538 3441204 1561 0.08% 0.04% 0.03% 0 Net Background
72 4002863 750997981 5 0.08% 0.05% 0.01% 0 RedEarth Rx Mana
SW-RZ1-2960S-018#

Wow.  That's high. 

Post the config and the output to the command "sh version". 

Hi, here the show run output

SW-RZ1-2960S-018#sh run
Building configuration...

Current configuration : 6572 bytes
!
! Last configuration change at 07:08:16 UTC Mon Oct 10 2016 by cisco
! NVRAM config last updated at 13:57:14 UTC Fri Oct 7 2016 by cisco
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service unsupported-transceiver
!
hostname SW-RZ1-2960S-018
!
boot-start-marker
boot-end-marker
!
enable secret 5 xxxxx
enable password 7 xxxxx
!
username cisco password 7 xxxxx
!
!
aaa new-model
!
!
!
!
!
aaa session-id common
switch 1 provision ws-c2960s-48ts-l
!
!
ip domain-list marburg.lan
ip domain-name switch.xxxx.lan
ip name-server 172.18.1.x
ip name-server 172.18.1.x
!
!
crypto pki trustpoint TP-self-signed-2473625600
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2473625600
revocation-check none
rsakeypair TP-self-signed-2473625600
!
!
crypto pki certificate chain TP-self-signed-2473625600
certificate self-signed 01
30820249 308201B2 ........


quit
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
no errdisable detect cause gbic-invalid
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0
no ip address
shutdown
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
switchport mode access
spanning-tree portfast
spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface GigabitEthernet1/0/29
!
interface GigabitEthernet1/0/30
!
interface GigabitEthernet1/0/31
!
interface GigabitEthernet1/0/32
spanning-tree portfast trunk
!
interface GigabitEthernet1/0/33
!
interface GigabitEthernet1/0/34
!
interface GigabitEthernet1/0/35
!
interface GigabitEthernet1/0/36
!
interface GigabitEthernet1/0/37
description LAGER-KG-2960G-116
!
interface GigabitEthernet1/0/38
!
interface GigabitEthernet1/0/39
!
interface GigabitEthernet1/0/40
!
interface GigabitEthernet1/0/41
!
interface GigabitEthernet1/0/42
!
interface GigabitEthernet1/0/43
!
interface GigabitEthernet1/0/44
!
interface GigabitEthernet1/0/45
!
interface GigabitEthernet1/0/46
!
interface GigabitEthernet1/0/47
!
interface GigabitEthernet1/0/48
!
interface GigabitEthernet1/0/49
!
interface GigabitEthernet1/0/50
!
interface GigabitEthernet1/0/51
!
interface GigabitEthernet1/0/52
description RZ1-2960G-017
!
interface Vlan1
ip address 172.18.2.xx 255.255.0.0
!
ip default-gateway 172.18.1.xxx
ip http server
ip http secure-server
snmp-server community public RO
snmp-server community macmon RW
snmp-server location RZ1
snmp-server contact INV32953
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps transceiver all
snmp-server enable traps tty
snmp-server enable traps license
snmp-server enable traps auth-framework sec-violation
snmp-server enable traps cluster
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps dot1x auth-fail-vlan guest-vlan no-auth-fail-vlan no-guest-vlan
snmp-server enable traps energywise
snmp-server enable traps fru-ctrl
snmp-server enable traps entity
snmp-server enable traps power-ethernet group 1-4
snmp-server enable traps power-ethernet police
snmp-server enable traps cpu threshold
snmp-server enable traps rep
snmp-server enable traps rtr
snmp-server enable traps vstack
snmp-server enable traps storm-control trap-rate 50
snmp-server enable traps bridge newroot topologychange
snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
snmp-server enable traps syslog
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps flash insertion removal
snmp-server enable traps port-security
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps stackwise
snmp-server enable traps errdisable
snmp-server enable traps mac-notification change move threshold
snmp-server enable traps vlan-membership
snmp-server host 172.18.1.xx public mac-notification snmp
!
line con 0
exec-timeout 0 0
password 7 xxxxx
line vty 0 4
password 7 xxxxx
transport input all
line vty 5 15
password 7 xxxxx
transport input all
!
ntp clock-period 22518261
end

And the Show Version Output

SW-RZ1-2960S-018#sh ver
Cisco IOS Software, C2960S Software (C2960S-UNIVERSALK9-M), Version 12.2(55)SE10, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Wed 11-Feb-15 11:59 by prod_rel_team
Image text-base: 0x00003000, data-base: 0x01B00000

ROM: Bootstrap program is Alpha board boot loader
BOOTLDR: C2960S Boot Loader (C2960S-HBOOT-M) Version 12.2(55r)SE1, RELEASE SOFTWARE (fc1)

SW-RZ1-2960S-018 uptime is 34 weeks, 2 days, 19 hours, 0 minutes
System returned to ROM by power-on
System restarted at 15:21:09 UTC Fri Feb 12 2016
System image file is "flash:/c2960s-universalk9-mz.122-55.SE10/c2960s-universalk9-mz.122-55.SE10.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco WS-C2960S-48TS-L (PowerPC) processor (revision Q0) with 131072K bytes of memory.
Processor board ID FOC1950W4XE
Last reset from power-on
1 Virtual Ethernet interface
1 FastEthernet interface
52 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address : BC:C4:93:70:88:00
Motherboard assembly number : 73-11909-10
Power supply part number : 341-0327-06
Motherboard serial number : FOC19505CCL
Power supply serial number : LIT19151DXG
Model revision number : Q0
Motherboard revision number : A0
Model number : WS-C2960S-48TS-L
Daughterboard assembly number : 73-11933-04
Daughterboard serial number : FOC19503V0Y
System serial number : FOC1950W4XE
Top Assembly Part Number : 800-30950-07
Top Assembly Revision Number : C0
Version ID : V07
CLEI Code Number : CMML510ARA
Daughterboard revision number : A0
Hardware Board Revision Number : 0x01


Switch Ports Model SW Version SW Image
------ ----- ----- ---------- ----------
* 1 52 WS-C2960S-48TS-L 12.2(55)SE10 C2960S-UNIVERSALK9-M


Configuration register is 0xF

SW-RZ1-2960S-018#

Thanks to all, the Problem is solved. Somone activates "debug ip arp", since no deb all cpu is normal again.

Regards Marco

Review Cisco Networking for a $25 gift card