[c-nsp] high CPU with snmp IS THERE A REAL FIX

Jared Mauch jared at puck.nether.net
Tue Feb 10 14:27:49 EST 2009 

On Tue, Feb 10, 2009 at 02:22:13PM -0500, Jeff Fitzwater wrote:
> We are running 12.2.SXI on sup-720-cxl
>
> We use snmp getnext and getbulk to get the ARP table from a router that 
> has ~16K entries and it takes about 10min to complete, with ROUTER CPU at 
> 100%.   Our other routers have the same hardware and IOS but have <10K 
> entries and work fine.

	When you say getnext/getbulk, I presume you mean a snmp v2c bulkwalk?
Or are you using snmp V1?

> This is an old problem with CISCO and I thought they might have finally 
> fixed it in SXI, but NOT.
>
> The problem is the ARP entries are stored internally in a hashed format 
> and SNMP needs them in an ordered format, so for every snmp PDU the CPU 
> must get the entire ARP table and crunch it to create the ordered PDU 
> response.  This will take place for as many PDUs as it takes to retrieve 
> the entire table.   There does appear to be a point  (size of ARP table) 
> at which it takes very long to retrieve the whole table which seems to be 
> around 12K but with a 16K table it takes forever.
>
> In the attached PDF from CISCO they explain the problem and also state  
> the if you turn on CEF (has always been on for long time) that it is  
> much faster since the FIB is already in a lexical order that snmp likes.  
>  Since CEF is always on, why does it still take so long.

	(The list strips the pdf files, you can email them to me to
post on puck, or give a pointer to the pdf on cisco.com)

>
>
>
> At this point we basically cannot do any retrieval of the ARP  tables.
>
>
>
> Their must be many other groups that have this same problem or I have  
> really missed something.
>
>
> I will open up a ticket with CISCO if nobody out there has an answer.
>
> Currently we use an expect script to get the table via CLI which is much 
> faster but it doesn't help tools that must use snmp.
>
>
> Thanks for any help.
>
>
> Jeff Fitzwater
> OIT Network Systems
> Princeton University

> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

-- 
Jared Mauch  | pgp key available via finger from jared at puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.

More information about the cisco-nsp mailing list