Hi George,
I´ve tested 12.0(7)XK and 12.2(2)T and both images lead to the same problem.
The configuration are pretty simple, there is nothing like SMDS or dotQ.
At Cisco Bug Navigator, I found several reports with similar description,
including some problems regarding NAT and CEF together.
Testing some workaround now.
Marcio
-----Original Message-----
From: George Robbins [mailto:grr@shandakor.tharsis.com]
Sent: quarta-feira, 11 de julho de 2001 17:57
To: cisco-nsp@puck.nether.net; gert@greenie.muc.de;
marcio.pilotto@intelig.net.br
Subject: RE: [nsp] High CPU with NAT - some output
The obvious questions are:
What IOS version/release are you running?
What's the traffic level, and what kind of interface->interface
path is it taking.
Some things like SMDS and dotQ vlans aren't CEF switched, at
least in older releases. There should be some fast switching
going on unless you have "no ip route-cache" vs. nothing.
CEF isn't neccessarily a noticable win if there are only a limited
number of routes, but no route-caching is deadly...
George
> From cisco-nsp-request@puck.nether.net Wed Jul 11 16:26:25 2001
> Resent-Date: Wed, 11 Jul 2001 16:26:16 -0400
> Received-Date: Wed, 11 Jul 2001 16:23:01 -0400
> From: Marcio Pilotto <marcio.pilotto@intelig.net.br>
> To: "'Gert Doering'" <gert@greenie.muc.de>, cisco-nsp@puck.nether.net
> Subject: RE: [nsp] High CPU with NAT - some output
> Date: Wed, 11 Jul 2001 17:23:31 -0300
> Resent-From: cisco-nsp@puck.nether.net
> X-Mailing-List: <cisco-nsp@puck.nether.net> archive/latest/7183
> X-Loop: cisco-nsp@puck.nether.net
> Precedence: list
> Resent-Sender: cisco-nsp-request@puck.nether.net
>
> Hi Gert,
> Very good link that you sent me but, in the field, things do not work =
> like
> on the paper. What I see is that 99% of all output packets are process
> switching on 3600 with NAT configured, even if we (re)start to use CEF =
> on
> it.
>
> I don=B4t know if it=B4s a bug or not, I hope that Cisco can tell me.
>
> 21% of CPU utilization are not so high. But if you have less that 1 =
> Mbps of
> IP traffic and see that 21% of your CPU are busy during the last 5 =
> minutes I
> think that you have to take a look on it.=20
>
> The fact is that when there are almost 4 Mbps of IP traffic passing =
> through
> the router, the CPU hits 99%!! There is no dynamic routing protocols on =
> it,
> only static route and NAT.
>
> Regards,=20
>
> Marcio Pilotto
> CCIE No. 7477
> Intelig Telecomunica=E7=F5es
> Engenheiro de Projeto de Redes IP
> Tel.: +55 21 2536 0880
> Mobile: +55 21 9765 6523
> FAX: +55 21 2536 0903
>
>
> -----Original Message-----
> From: Gert Doering [mailto:gert@greenie.muc.de]
> Sent: ter=E7a-feira, 10 de julho de 2001 09:32
> To: Marcio Pilotto; cisco-nsp@puck.nether.net
> Subject: Re: [nsp] High CPU with NAT - some output
>
>
> Hi,
>
> On Tue, Jul 10, 2001 at 09:12:37AM -0300, Marcio Pilotto wrote:
> > - show process cpu
> > --------- output being ---------------
> > CPU utilization for five seconds: 21%/13%; one minute: 21%; five =
> minutes:
> > 21%
> > -------- output end ------------------
>
> That doesn't look overly high to me.
>
> > CEF is enable at all interfaces but CEF does not work with NAT!
>
> At least per the docs, it should - quoting from
> http://www.cisco.com/warp/public/cc/pd/iosw/ioft/iofwft/prodlit/iosnt_qp=
> .htm
>
> "Q. What kind of routing performance can I expect when I use Cisco IOS =
> NAT?
>
> A. Cisco IOS NAT supports Cisco Express Forwarding (CEF) switching,
> Fast-switching and of course Process switching. "
>
> > With show interfaces switching command we can see that all output =
> packets
> > are process switching. It does not care if you use netflow switching, =
> fast
> > switching or even CEF.
>
> Maybe you should use an IOS version with less letters in it :-) -
> IOS-Versions with two or more letters tend to be "interesting".
>
> gert
> --=20
> USENET is *not* the non-clickable part of WWW!
> =20
> //www.muc.de/~gert/
> Gert Doering - Munich, Germany
> gert@greenie.muc.de
> fax: +49-89-35655025
> gert.doering@physik.tu-muenchen.de
>
>
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:44 EDT