[nsp] high cpu load on 2651
Kinczli Zoltán
Zoltan.Kinczli at Synergon.hu
Tue Jan 13 03:54:41 EST 2004
Hello,
Thanks for everyone who responded.
I'm including the sanitized config and a 'sh proc cpu hist'
Yes, almost all traffic is at interrupt level, the procesess are sleeping.
No BGP on the router, just eigrp. The age of the routes when i last checked was over 2 days.
Yes, CEF is ON. Yes, flow-cache and flow-cache feature accelerate is on.
The load is unusually high w/o ACL, w/o CAR.
a TAC CE has analyzed the CPU profile output, the most cpu intensive functions were:
36.31% process_throttle_off
(throttle is something like a self pretoction action..., this seems to be high... but i'm not a cpu profiling expert)
11.38% scheduler
Perhaps, i should remove the IP addresses ;))
tnx for any ides
rgds
z.
xxx#sh runn
Building configuration...
Current configuration : 8151 bytes
version 12.2
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
no service dhcp
!
hostname xxx
!
logging buffered 65536 debugging
aaa new-model
aaa authentication login default group tacacs+ enable
aaa authorization exec default group tacacs+ if-authenticated
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
enable secret 5 xxxxx
!
!
clock timezone CET 1
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
ip subnet-zero
no ip gratuitous-arps
ip flow-cache feature-accelerate
ip cef table event-log size 5000
ip cef
!
!
ip telnet source-interface Loopback0
ip tftp source-interface Loopback0
ip domain-name zxzxzxz.vz
ip name-server a.b.c.d
ip name-server e.f.g.h
!
call rsvp-sync
!
!
!
!
!
file prompt quiet
!
buffers small permanent 100
buffers small max-free 200
buffers small min-free 50
buffers middle permanent 40
buffers middle min-free 30
buffers big permanent 75
buffers big max-free 250
buffers big min-free 30
buffers verybig min-free 15
buffers large permanent 5
buffers large min-free 5
buffers huge permanent 5
buffers huge min-free 5
!
!
interface Loopback0
ip address i.j.k.l/32
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
hold-queue 500 out
!
interface FastEthernet0/1
ip address net13/24
ip access-group 100 in
no ip redirects
no ip unreachables
no ip proxy-arp
rate-limit input access-group 102 1024000 256000 512000 conform-action transmit exceed-action drop
rate-limit input access-group 101 16000 8000 16000 conform-action transmit exceed-action drop
ip route-cache flow
load-interval 30
duplex auto
speed auto
hold-queue 500 out
!
interface ATM1/0
no ip address
ip route-cache flow
load-interval 30
atm pvc 1 0 5 qsaal
atm pvc 2 0 16 ilmi
no atm ilmi-keepalive
hold-queue 512 in
!
interface ATM1/0.2 point-to-point
ip address net12 255.255.255.252
ip access-group bemail in
atm pvc 3 1 100 aal5snap 29000 26000 200 tx-ring-limit 260
!
router eigrp 3
redistribute connected
passive-interface FastEthernet0/0
network net1
no auto-summary
no eigrp log-neighbor-changes
!
ip classless
ip default-network net1
ip default-network net2
ip route 0.0.0.0 0.0.0.0 f.g.h.j
ip route net15 /32 x.y.z.q
no ip http server
!
!
ip access-list extended bemail
permit ip net1 0.0.255.255 any
deny tcp any any eq smtp
permit ip any any
!
logging source-interface Loopback0
logging xxxxxxxxx
access-list 100 deny ip host xxxxxxxx
...
... some more denies, _none_ of them is logging
...
access-list 100 permit ip net13 0.0.0.255 net1 0.0.255.255
access-list 100 deny tcp any any eq smtp
access-list 100 permit ip net13 0.0.0.255 any
access-list 100 deny ip any any
!
access-list 101 permit icmp any any
!
access-list 102 permit udp any any
!
access-list 190 permit ip net13 0.0.0.255 any
!
tacacs-server host xxxxxxxxxxxx
tacacs-server directed-request
tacacs-server key 7 xxxxxxxxxxxxxxxx
snmp-server community xxxxxxx RO
snmp-server contact xxxxxxxxxxxxxx
snmp-server enable traps tty
!
dial-peer cor custom
!
!
!
!
line con 0
line aux 0
line vty 0 4
!
scheduler allocate 9000 3000
ntp clock-period 17209097
ntp server xxxxxxxxxxx
ntp server xxxxxxxxxxx
end
Router>sh proc cp hi
8888888888888888888888888888888888888888888888888888888888
9998888777774444444444555555555588888888889999977774444455
100
90 ************ ***************************** **
80 **********************************************************
70 **********************************************************
60 **********************************************************
50 **********************************************************
40 **********************************************************
30 **********************************************************
20 **********************************************************
10 **********************************************************
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per second (last 60 seconds)
8889889998889988888888988889888898888988889888888888888898
9774973008880487796685166460656605776267760766886668867704
100
90 ##*###############****#** *#***************##**#*********
80 ##########################################################
70 ##########################################################
60 ##########################################################
50 ##########################################################
40 ##########################################################
30 ##########################################################
20 ##########################################################
10 ##########################################################
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per minute (last 60 minutes)
* = maximum CPU% # = average CPU%
1
9989983333887879988889888988558337787777887888889888899499999999999990
2191164213813893171791997047966691105137505095772666214355007785699990
100 ** *****#***#
90 ****** * * *** ******* * * * ******** ** *********#***#
80 ##**#* ** *************** * ** **************** ****###*######
70 #####* ******#********#** * *************#*#****** *#**##########
60 #####* ***#*##**####*##***** ***********#*###*#**** *##*##########
50 #####* *###############***** *****#############**#* ##############
40 ###### ##################******#*################*##*##############
30 ######***#############################################################
20 ######################################################################
10 ######################################################################
0....5....1....1....2....2....3....3....4....4....5....5....6....6....7.
0 5 0 5 0 5 0 5 0 5 0 5 0
CPU% per hour (last 72 hours)
* = maximum CPU% # = average CPU%
Ez az üzenet és a hozzá kapcsolódó fájlok, tervezetek kizárólag a
Címzettnek szólnak, a bennük foglalt információk bizalmasak, melyek
titokban maradásához a Synergon Informatika Rt.-nek jogilag méltányolható
érdeke fuzodik. Amennyiben valamely hiba folytán Ön nem a címzettje ennek a
levélnek, kérjük, semmisítse meg, és értesítse az üzenet küldojét. Az
üzenet az elküldés elott vírusellenorzésen esett át, de a vírusmentességére
nincs semmilyen garancia, ezért kérjük, ellenorizze azt!
DISCLAIMER
This e-mail and any attached files are confidential and may be legally
privileged. The content of this e-mail is subject of efforts by Synergon to
maintain its confidentiality. Also this e-mail is intended for the sole use
of the individual or entity to whom it is addressed. If you are not the
addressee, and received this transmission in error please delete this
e-mail and notify its sender immediately. This e-mail message has been
checked for computer viruses but it could still be infected. Please test it
for viruses before use.
More information about the cisco-nsp
mailing list