07-24-2011 09:33 PM - edited 03-07-2019 01:23 AM
Dear All
My 6513 max cpu utilization reaches around 60 % however, avg CPU remains around 10%. What is the ideal maximum cpu and memory utilization percentage? Can someone explain.
6111114444411111444441111122222444443333344444 3333311
100
90
80
70
60
50
40
30
20
10 *
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per second (last 60 seconds)
2 1 5 2 11 5 2 2 4 1 4
8876571766626885555566673666620757766580936766272756660564
100
90
80
70
60 *
50 * *
40 * * * *
30 * * * * *
20 * * * * * * * *
10 ***********#**********#*#****#*********#*#**#*#*#*****#**
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per minute (last 60 minutes)
* = maximum CPU% # = average CPU%
4111111111111111154154111111111111111111111111111111111111111111111111
0332234226323223366364222235320113212322202233101232122221353312122221
100
90
Solved! Go to Solution.
07-24-2011 10:37 PM
The ideal CPU and memory are the lowest ones .
The real CPU and memory usage is totally different in every device, because it depends on the configuration and on the traffic that is traversing the device.
For example I once saw a firewall going to 100% CPU because it was configured to log every single packet denied (and they were denying lots and lots of packets per second), when they removed the "logging" config then the CPU usage dropped down dramatically.
Another example, if you issue the "debug ip packet" command and at that very moment you have lots and lots of packets going to your device, then CPU will raise maybe to 100%.
I would start to worry if average CPU usage is 60% or more.
Kind regards
07-25-2011 08:03 AM
ACLs should be handled in hardware on the 6500 switches so you should be fine. Be careful of logging which can mean the packet is sent to the main CPU ie. software switched. If you need to log then look at Optimised logging on the 6500.
Jon
07-25-2011 09:29 AM
Hello,
on 6500 - sup 720 or 32, as long as you have PFC3 or higher there should be an engine to do ACE (Access control entry) counters in hardware, without the need to use the log parameter.
Regards,
Bruno Silva.
07-24-2011 10:37 PM
The ideal CPU and memory are the lowest ones .
The real CPU and memory usage is totally different in every device, because it depends on the configuration and on the traffic that is traversing the device.
For example I once saw a firewall going to 100% CPU because it was configured to log every single packet denied (and they were denying lots and lots of packets per second), when they removed the "logging" config then the CPU usage dropped down dramatically.
Another example, if you issue the "debug ip packet" command and at that very moment you have lots and lots of packets going to your device, then CPU will raise maybe to 100%.
I would start to worry if average CPU usage is 60% or more.
Kind regards
07-25-2011 02:37 AM
Dear eduardoaliaga
Thanks for your reply, but dont u think that if a dos attack happens during peak time or legitimate traffic increases suddently then having 60% max could be very risky.
Thanks
07-25-2011 07:43 AM
Dear all
I need to apply 15 ACLs on SVIs, each ACL is having around 30 lines, based on the cpu utilization of 6500 mentioned (max 60 %) is it recommended ?
07-25-2011 08:03 AM
ACLs should be handled in hardware on the 6500 switches so you should be fine. Be careful of logging which can mean the packet is sent to the main CPU ie. software switched. If you need to log then look at Optimised logging on the 6500.
Jon
07-25-2011 09:29 AM
Hello,
on 6500 - sup 720 or 32, as long as you have PFC3 or higher there should be an engine to do ACE (Access control entry) counters in hardware, without the need to use the log parameter.
Regards,
Bruno Silva.
07-25-2011 03:43 PM
first try to identify what is causing the high cpu,
run a "sh proc cpu sorted" during the event and look for the proc that causes that .
if you have monitoring system monitoring your cat6x then look for correlation between events like bgp scanner proc/traffic changes etc . and the high cpu . also look if you have a specific time gaps between each event . that would give you a clue and perhaps narrow options .
you can also monitor the packets going to the RP for further analysis with monitor session rp in , or something like that . but be cautious .
about the ACLs , check for the PFC type you'r having , like Bruno Silva said above , you can use these commands to view it :
6500#sh platform hardware pfc mode
PFC operating mode : PFC3C
6500#sh module
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
5 5 Supervisor Engine 720 10GE (Active) VS-S720-10G xxxxx
Mod Sub-Module Model Serial Hw Status
---- --------------------------- ------------------ ----------- ------- -------
5 Policy Feature Card 3 VS-F6K-PFC3C xxxx 1.1 Ok
5 MSFC3 Daughterboard VS-F6K-MSFC3 xxxx 2.1 Ok
07-25-2011 08:39 AM
There might be intermittent host flapping, possibly due to a misconfigured etherchannel to a multihomed host.
Try enabling the following command and look in the logs for any host flapping.
mac address-table notification mac-move
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide