02-24-2013 03:26 AM - edited 03-07-2019 11:54 AM
Dears,
we have 2811 router with multiple servers connected to it's lan from which there are monitoring servers in between , the router suffers always from high cpu utilization
configuration has alot of ACLs & NAT & IPSEC Tunnel with wan bandwidth 20 M
Is there any method to reduce the high cpu utilization shown below !!
CPU utilization for five seconds: 90%/80%; one minute: 93%; five minutes: 90%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
104 737029848 427864243 1722 5.45% 5.65% 5.65% 0 IP Input
253 63392216 11081854 5720 1.04% 1.15% 1.12% 0 IP NAT Ager
260 82602372 137425723 601 0.64% 0.64% 0.66% 0 PDU DISPATCHER
2 2475488 1070922 2311 0.48% 0.41% 0.35% 0 Load Meter
270 3696 267 13842 0.48% 0.49% 0.18% 514 Virtual Exec
164 39209976 1101640874 35 0.40% 0.29% 0.36% 0 HQF Shaper Backg
259 53255128 146875160 362 0.24% 0.31% 0.34% 0 IP SNMP
256 17800088 155666048 114 0.24% 0.16% 0.17% 0 PPP manager
18 149527460 33336738 4485 0.24% 0.16% 0.16% 0 ARP Input
148 212776 5308439 40 0.08% 0.00% 0.00% 0 bsm_xmt_proc
02-24-2013 03:40 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
The 2811 is a little small for 20 Mbps. Your 5 second rate shows most of the CPU being consumed by "interrupt", which normally reflects overall traffic loading.
However, ideally "interrupt" CPU should be almost all your CPU, and with tunnels, if you're fragmenting, you're CPU usage will be higher than necessary. In other words, you might be able to improve CPU utilization if you optimize your configuration, assuming it's not optimal.
02-24-2013 07:02 AM
Have u enable any type of logging for ACLs
02-25-2013 01:34 AM
No , Logging is not enabled for ACL , also minimized ACL as much as possible
regarding tunnel , how to check fragments through tunnels and how to adjust them !
02-25-2013 01:59 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide