Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
800
Views
10
Helpful
9
Replies

Telnet traffic going to WS-4948 CPU

hekho
Level 1
Level 1

‎03-22-2019 03:21 AM

Hi,

a Catalyst 4948 has CPU usage rising above our Alarm treshold (60%).

It does no harm to the production but I was curious and investigated the phenomenon.

I followed the troubleshooting path presented in this document https://www.cisco.com/c/en/us/support/docs/switches/catalyst-4000-series-switches/65591-cat4500-high-cpu.html.

I started to monitor the traffic send to the CPU and found several telnet session between a machine and several Cisco 25xx Terminal Servers.

I am surprised to see that kind of traffic forwarded at the CPU level. Does anybody has an explaination for that ?

 

Thanks

Hekho

 

 

Labels:
0 Helpful
9 Replies 9

luis_cordova
VIP Alumni
VIP Alumni

‎03-22-2019 05:39 AM

Hi @hekho ,

 

Check this link:

https://www.cisco.com/c/en/us/support/docs/routers/7500-series-routers/41100-highcpu-exec.html

 

It has some information that could guide you with your doubt.

 

Regards

0 Helpful

hekho
Level 1
Level 1
In response to luis_cordova

‎03-22-2019 07:07 AM

Hi,

 

thanks for your recommendation. I have to say the Catalyst itself is not involved in the telnet sessions.

The CPU rise seems to be correlated by Layer-2 forwarding as showned by K2CpuMan Review at the of CPU usage.

 

Thank you very much.

 

Hekho

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to hekho

‎03-22-2019 04:47 PM

What IOS version is the appliance running on?
0 Helpful

hekho
Level 1
Level 1
In response to Leo Laohoo

‎03-25-2019 02:14 AM

Thank you for your participation. The cat is running that old lady:  cat4000-i9s-mz.122-25.EWA11.bin

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to hekho

‎03-25-2019 03:45 AM

Would it make any difference if I say "upgrade the IOS"?
0 Helpful

hekho
Level 1
Level 1
In response to Leo Laohoo

‎03-25-2019 06:40 AM

Ha ha. At the moment that's not an option otherwise I would have done it already :-D

And as I wrote, there's no impact on the production. The goal here is to understand why on earth telnet traffic and also LDAP make their way to the the CPU. That does not make sense to me.

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to hekho

‎03-25-2019 06:54 AM

It goes to the CPU because the CPU deals with any processing not dealt with by special/dedicated (e.g. ASIC) hardware (which generally only handles "typical" data plane traffic).
0 Helpful

hekho
Level 1
Level 1
In response to Joseph W. Doherty

‎03-26-2019 01:27 AM

Thanks for your comment. The telnet traffic I am talking about involves servers on the network not the switch itself. As far as I know, that should belong to data plane.

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to hekho

‎03-26-2019 03:43 AM

Yes, if the telnet traffic is "transit", it should be processed like other transit (data plane) traffic. However, if there is something odd/unusual about those telnet packets, odd/unusual packets are punted up to the main CPU.

BTW, what's considered odd/unusual in packets can change with IOS versions, so Leo's suggestion to upgrade the IOS might be even more relevant.
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card