Update on this issue:
After combing the config and google, i tried several things to get CPU
usage down including filtering of IP Options, fragments and reorganizing
my ACLs. Even completely disabling the ACL lists and any filtering did
not help. One document mentioned moving to 12.4 train in order to get
more information about the packets coming into the router. I upgraded
the router to 12.4.25f (Service provider w/ IPSEC and LI). After the
reload, router came up and my high cpu usage was no longer there. Didn't
make any changes to my config from SRE that was giving me the high CPU
or for that matter from 15.0 that was giving me high CPU.
So my question is why? What is different about 12.4 from SRE and 15.0?
If i have to stay on 12.4 train, i'd rather be on 12.4T, but not sure
if i'll run back into the same problem.
On 8/23/2011 12:49 AM, Yann GAUTERON wrote:
I've got some high CPU measured on another Cisco equipment (Catalyst
4500, so different architecture and different process involved). But
this story can maybe help.
The story ended when we discovered that on a given SVI, my switch
generated lots of ICMP Redirects on a given VLAN.
Maybe this can also be the case by your router. Try (if you don't need
them to be enabled) to disable "ICMP redirects" ("no ip redirects" on
the routed interfaces). This is now one of the line we introduce in our
best practices. We can imagine that when you upgraded your IOS, another
(unrelated) change occurred on your network, such a new host that is
sending traffic to your router instead to send it to another router on
the same subnet which would have a better route.
Cheers,
Y.
2011/8/22 Chris Gotstein <ch...@uplogon.com <mailto:ch...@uplogon.com>>
I even disabled the ACLs on the interfaces to see if that was the
issue. Didn't help.
On 8/22/2011 3:36 PM, Edward Salonia wrote:
Did you double check your config to dee if anything changed or
got removed and subsequently saved after your attempt to upgrade
to 15M? Sometimes commands/santax changes slightly between
versions and a part of your config may not have been carried over.
I have also seen situations where one makes changes to a config
and forgets to save it. Then a few days/weeks/months down the
road, they reboot for one reason or another (sw upgrade for
example) and suddenly the change they made previously is gone
and no one notices because it was made so long ago and forgotten.
Just a thought. Double check you config.
I see you made sure CEF was enabled.
Another thought, do you have 'log' attached to the end of any ACL's?
- Ed
-----Original Message-----
From: Chris Gotstein<ch...@uplogon.com <mailto:ch...@uplogon.com>>
Sender: cisco-nsp-bounces@puck.nether.__net
<mailto:cisco-nsp-boun...@puck.nether.net>
Date: Mon, 22 Aug 2011 15:08:23
To:<cisco-nsp@puck.nether.net <mailto:cisco-nsp@puck.nether.net>>
Subject: Re: [c-nsp] 7206VXR NPE-G1 Upgrade from 12.4 to 15.0
High CPU
Backed down to SRE, but still seeing high utilization on the IP
Input
process. Have no idea why this is happening now, thought it was
due to
the upgrade to 15.0. But seeing same issue back on SRE.
Anything i can
do to troubleshoot? Running out of ideas.
On 8/22/2011 12:21 PM, Chris Gotstein wrote:
Was looking for the additional IPv6 support in the 15.x
train. Can't
find any solution to the problem, so i'll probably just move
back down
to SRE4.
On 8/22/2011 8:09 AM, Mark Tinka wrote:
On Monday, August 22, 2011 05:18:10 PM Chris Gotstein wrote:
Any ideas of what could be going on? I haven't
downgraded the IOS just yet, hoping to see if i might
have missed something easy. Thanks,
Don't know anything about how 15.x works on the NPE-G1/G2,
but we're staying away from it as it doesn't have any
features we need. SRE4 is nice and happy.
Mark.
--
---- ---- ---- ----
Chris Gotstein, Network Engineer, U.P. Logon/Computer Connection U.P.
http://uplogon.com | +1 906 774 4847 <tel:%2B1%20906%20774%204847> |
ch...@uplogon.com <mailto:ch...@uplogon.com>
_________________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
<mailto:cisco-nsp@puck.nether.net>
https://puck.nether.net/__mailman/listinfo/cisco-nsp
<https://puck.nether.net/mailman/listinfo/cisco-nsp>
archive at http://puck.nether.net/__pipermail/cisco-nsp/
<http://puck.nether.net/pipermail/cisco-nsp/>
--
---- ---- ---- ----
Chris Gotstein, Network Engineer, U.P. Logon/Computer Connection U.P.
http://uplogon.com | +1 906 774 4847 | ch...@uplogon.com
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
