[nsp] High CPU & NAT
Gert Doering
gert at greenie.muc.de
Thu May 8 20:07:38 EDT 2003
Hi,

On Thu, May 08, 2003 at 11:56:34AM -0500, Voralt wrote:
> cisco-gw#sh ip nat stat
> Total active translations: 8271 (184 static, 8087 dynamic; 8039 extended)
>
> The CPU gradually increases over time and eventually hits 100% and causes
> tons of dropped traffic. Right now, it's about 70% over 5 minutes and the
> only thing of significance in the proc table is ip input.

I have the nagging suspicion that 12.2(x) leaks NAT table entries - we
have a similar setup (12.2(12b), 2621, about 2-3 Mbit/s, NAT, CPU slowly
increasing) and comparing NAT table entries and netflow cache sometimes
just doesn't "match" - there are hardly any ongoing flows, but 1000s of
NAT table entries.

If I then do a "clear ip nat tra *", CPU goes down from > 90% to 10%...

[..]
> It's a little hard to see from the formatting mess below, but virtually
> everything in F2/0 and out 3/0 (from nat inside to nat outside) is process
> switched. So this leads me to believe NAT is process switched. I thought
> it would have been fast switched by now, but I could be wrong. Any ideas?

Process switching should not lead to a CPU load that's increasing over
time (with no change to the traffic pattern)...

gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert.doering at physik.tu-muenchen.de