I am in the process of troubleshooting some issues we are experiencing with one of our cat3750s. We have an IDF supporting roughly 4-5 workstations and approximately 30-45 video cameras over wireless and wired connections. Recently one of our switches started experiencing 99% CPU utilization. It appears to be mostly from the IP Input Process - 60-75%. Today this switch is supporting 2 routed ports (no switchport) and 5 VLAN SVIs. I have run the debug IP packet detail and logged buffer traffic but I don't see any of the usual suspects - large number of broadcasts, local destination packets, high rate hosts, everything looks normal. If I start shutting down SVIs I see about 10-15 percent improvement.
I have a couple questions:
in the show sdm prefer command it notes that only 8 routed interfaces and 1024 vlans are supported in the default desktop mode.
GRB_HEC_VID#show sdm prefer The current template is "desktop default" template. The selected template optimizes the resources in the switch to support this level of features for 8 routed interfaces and 1024 VLANs.
number of unicast mac addresses: 6K number of IPv4 IGMP groups + multicast routes: 1K number of IPv4 unicast routes: 8K number of directly-connected IPv4 hosts: 6K number of indirect IPv4 routes: 2K number of IPv4 policy based routing aces: 0 number of IPv4/MAC qos aces: 0.5K number of IPv4/MAC security aces: 1K
Does the routed interface count include SVIs and routed interfaces or just one or the other? What happens when you exceed this count?
The switch should be rated for a lot more throughput than what we are pushing through it today - Maximum of about 90 Mbps aggregate today.
Is this switch design to support more than 8 routed interfaces (using various templates). Is this a switch capability issue or some DoS attack on the LAN? Any help troubleshooting this is greatly appreciated.
You can check the TCAM utilization on the switch, here is the command:
sh platform tcam utilization
If the TCAM share for routing has been exhausted, you may want to change the sdm template to 'routing' (sdm prefer routing in global config mode) to have more TCAM alloted for routing. (This would require a reload). The template would look something like the following on WS-C3750G-12S :
Switch#sh sdm prefer
The current template is "aggregate routing" template.
GoalDocumentationDefineAdd Device to Smart AccountSync Smart Account via vManage1.1 VNF package for vBranchDesignDeployOperate
To successfully provision a ENCS device in remote site with internet connection.
Minimum software relea...
はじめに確認方法Version による Application name の変更について備考参考情報 はじめに本ドキュメントでは Cisco SD-WAN における Policy 上で設定可能な Application を確認する方法について記載しています。 確認方法サポートされている Application name についてはご使用されている vManage へ API を呼び出して確認することが可能です。https://<IP or FQDN>/...
DMVPN (Dynamic Multipoint VPN) Introduced by Cisco in late 2000 is a routing technology you can use to build a VPN network with multiple sites (spokes) without having to statically configure all devices. It’s a “hub and spoke” network, where the spok...
On 24th August 2021, Cisco announced the latest IOS XE release - Cisco IOS XE Bengaluru 17.6.1a
IOS XE 17.6.1a unlocks various routing features and enhancements comprehensively covering different technology segments such as voice, security,...
DMVPN (Dynamic Multipoint VPN) Introduced by Cisco in late 2000 is a routing technology you can use to build a VPN network with multiple sites (spokes) without having to statically configure all devices. It’s a “hub and spoke” network, where th...