Hello Folks,

I am in the process of troubleshooting some issues we are experiencing with one of our cat3750s. We have an IDF supporting roughly 4-5 workstations and approximately 30-45 video cameras over wireless and wired connections. Recently one of our switches started experiencing 99% CPU utilization. It appears to be mostly from the IP Input Process - 60-75%. Today this switch is supporting 2 routed ports (no switchport) and 5 VLAN SVIs. I have run the debug IP packet detail and logged buffer traffic but I don't see any of the usual suspects - large number of broadcasts, local destination packets, high rate hosts, everything looks normal. If I start shutting down SVIs I see about 10-15 percent improvement.

I have a couple questions:

in the show sdm prefer command it notes that only 8 routed interfaces and 1024 vlans are supported in the default desktop mode.

GRB_HEC_VID#show sdm prefer
The current template is "desktop default" template.
The selected template optimizes the resources in
the switch to support this level of features for
8 routed interfaces and 1024 VLANs.

  number of unicast mac addresses:                  6K
  number of IPv4 IGMP groups + multicast routes:    1K
  number of IPv4 unicast routes:                    8K
    number of directly-connected IPv4 hosts:        6K
    number of indirect IPv4 routes:                 2K
  number of IPv4 policy based routing aces:         0
  number of IPv4/MAC qos aces:                      0.5K
  number of IPv4/MAC security aces:                 1K

Does the routed interface count include SVIs and routed interfaces or just one or the other? What happens when you exceed this count?

The switch should be rated for a lot more throughput than what we are pushing through it today - Maximum of about 90 Mbps aggregate today.

Is this switch design to support more than 8 routed interfaces (using various templates). Is this a switch capability issue or some DoS attack on the LAN? Any help troubleshooting this is greatly appreciated.