[c-nsp] Cisco 3750 High CPU load due to ACL
Clinton Work
clinton at scripty.com
Tue Feb 8 17:02:08 EST 2005
Are you looking at "show controllers cpu" to check packets being forwarded
by the CPU? I have seen this problem several times when the ACLs exceed
the 3550 TCAM limits. The "show tcam inacl <tcam> stat" command isn't useful
in this case because if the ACL doesn't fit in the TCAM then the utilization
of the TCAM could still be really low.
Roger Wiklund wrote:
> Hi,
>
> I have an extended access-list without loggin. But I get 10k deny matches
> per
> second and the CPU-load goes up to 80%. But when i check show access-list
> harware counters there are nothing forwarded to the CPU.
>
--
===================================================
Clinton Work clinton at scripty.com
Calgary, AB
More information about the cisco-nsp
mailing list