[c-nsp] Cisco 1760 - 12.4(1c) - CPU utilization creep

[Jay Hennigan]

Sean Shepard wrote:
> Greetings,
>  
> We have been experiencing a problem that we believe is something going
> haywire with a 1760 router (show ver is below).
>  
> Essentially, over time (one to three weeks) the router's CPU utilization
> creeps up and begins spiking at 90 to 100% until, if left untreated via
> RELOAD it gets progressively worse until pegging at 100% making even a
> telnet visit to type the word "reload" a 10 minute lesson in patience.  The
> problem first becomes noticed by the end user when they start having
> problems with their 30 or so VoIP phones which are more sensitive to network
> issues.

Are the VoIP phones running SIP with NAT traversal handled by the 
router?  If so, you are probably encountering CSCsj08002 which is 
squashed in:

12.4(11)T4
12.4(16.10)T
12.4(15)T2
12.4(18.10)M

"CPU slowly ramps up until NAT translation is cleared"

The leak is seen when there are SIP translations being created that use 
port 5060 on both the inside and outside. The rate at which the CPU 
increases will depend upon the rate SIP of phone calls.

>   I believe 12.3(18) [c1700-k9o3sy7-mz.123-18.bin] was the original and it
> is still available in flash 
>   but we now show it loading 12.4(1c) [see below] after the IOS change.
> Replacing the router itself once when the IOS change didn't help.
> Packet traces taken on the LAN side of the network do not indicate any
> significant broadcast or other suspect traffic.
>  
> The following line is at the affected location in the SHOW VER output but
> not on the stable router's SHOW VER output: "ROM: C1700 Software
> (C1700-K9O3SY7-M), Version 12.3(18), RELEASE SOFTWARE (fc3)"
>  
> Any help or advice is greatly appreciated!

You're booting to 12.4(1c) because of the "boot system" command.

--
Jay Hennigan - CCIE #7880 - Network Engineering - jay at impulse.net
Impulse Internet Service  -  http://www.impulse.net/
Your local telephone and internet company - 805 884-6323 - WB6RDV