cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
801
Views
0
Helpful
1
Replies

SQL*NET (Oracle) traffic being punted to Catalyst 4500 CPU

We just recently migrated to a new network which consists of Cisco 5585-X ASAs and Cisco 4500-X routers. The nature of our network involves Oracle traffic, utilizing Oracle TNS protocol to communicate, to send traffic to it's gateway within an ASA context firewall, which then is forwarded to the 4500 to be routed back to a different context in the ASA and to destination application servers.

The problem we immediately began to see after we moved onto this new network is that when the Oracle TNS traffic hits the 4500 to be routed it gets punted to the CPU for switching instead of being hardware switched. Due to this, our average CPU utilization on our 4500 is around 60% and causes really slow throughput on our Oracle traffic (approx 100-200Mbps). I've included a screenshot of a pcap from the 4500 indicating that the router is not agreeing with the TNS traffic. Although TCP retransmissions, Dup ACKs, and incorrect frame checks are perceived by the 4500, this is not actually what's happening as the traffic is flowing through fine on the ASA and we're not seeing any drops of the packets or Oracle application issues (besides slow throughput due to CPU processing).

I do have a TAC case open on this and Cisco is currently looking at the issue, but it appears there is no quick or easy fix. I was wondering if anyone else out there might have some sort of idea on what the solution might be or have seen this before. Would appreciate any feedback.

 

Thanks,

LK

 

 

 

 

1 Reply 1

Just wanted to let everyone know the fix. Apparently nearly all packets were getting punted to the CPU on the 4500 due to a feature called "ip redirect" where a packet that comes into the 4500 on one interfaces gets routed out the same interface and causes a CPU punt due to the feature. Disabling this under all VLAN interfaces on the 4500 fixed it and stopped the punts.