Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1201
Views
0
Helpful
3
Replies

Slow CLI High CPU

Go to solution
Strand303
Level 1
Level 1

‎07-08-2015 12:38 PM - edited ‎03-08-2019 12:53 AM

Currently have a hardware issue with some PCs on our network flooding traffic, this is resulting in high cpu usage on our 3850 switches.


Following the link below allows us to identify which interface the PC causing the issue is connected to, we can then place in shut down and apply the fix:

http://www.cisco.com/c/en/us/support/docs/switches/catalyst-3850-series-switches/117594-technote-hicpu3850-00.html


The problem is as the switch has high cpu the CLI is responding incredibly slowly making identifying the ints a painful process.


Was wondering if there is any config that could be applied that would reserve cpu or protect the management function of switch when under high utilisation?

Many thanks

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jeremy_fitzgerald
Level 1
Level 1

‎07-08-2015 09:17 PM

You could use the Control Plane Policing feature to rate-limit the amount of broadcast packets hitting the CPU.

The command is only available with an ipservices license not ipbase.

Switch(config)# cpp traffic-type broadcast <100-13000>  PPS - Max(13000) 

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/release_notes/OL_30562_01.html#pgfId-820039

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Ji-Won Park
Level 1
Level 1

‎07-08-2015 06:55 PM

Hi,

I cannot think of what you are asking... reserving CPU to protect management plane.

However, I believe it's the broadcast packets that's flooding the network. It could be some compromised PCs or Layer-2 looping in your network from mis-configured STP.

You can configure broadcast storm and multicast storm under the interfaces. I would throttle those traffic to just stop flooding the network.

"http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2950/software/release/12-1_22ea/SCG/scg/swtrafc.html#wp1229877"

Can you show the output of "show processes cpu | ex 0.00"

I would like to know what is actually cause the cpu spike.

Hope it helps.

g1

0 Helpful

Go to solution
jeremy_fitzgerald
Level 1
Level 1

‎07-08-2015 09:17 PM

You could use the Control Plane Policing feature to rate-limit the amount of broadcast packets hitting the CPU.

The command is only available with an ipservices license not ipbase.

Switch(config)# cpp traffic-type broadcast <100-13000>  PPS - Max(13000) 

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/release_notes/OL_30562_01.html#pgfId-820039

0 Helpful

Go to solution
Strand303
Level 1
Level 1
In response to jeremy_fitzgerald

‎07-09-2015 07:30 AM

Thanks for replies.

The issue seems to be malfunctioning NICs on PCs rather than STP or network config, getting swamped with IPv6 multicast when they enter power save - this is killing the CPU on the switch.

 

Storm control is configured on the interfaces but its against bandwidth and the flooding isn't very high in terms of bandwidth.


I could change this to pps but am seeing about 50 pps on the offending interfaces, this doesn't sound that high and limiting to well below this might interfere with legitimate multicast traffic we run for some apps?

 

The control plane policing sounds like what I was hoping to use but its ipbase image switch so looks like no go.

Thanks

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card