[c-nsp] high CPU with snmp IS THERE A REAL FIX

Jeff Fitzwater jfitz at Princeton.EDU
Tue Feb 10 14:53:28 EST 2009 

Hello Jared,

We use only snmp V2.

Here is the URL  http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a00800948e6.shtml


Jeff
On Feb 10, 2009, at 2:27 PM, Jared Mauch wrote:

> On Tue, Feb 10, 2009 at 02:22:13PM -0500, Jeff Fitzwater wrote:
>> We are running 12.2.SXI on sup-720-cxl
>>
>> We use snmp getnext and getbulk to get the ARP table from a router  
>> that
>> has ~16K entries and it takes about 10min to complete, with ROUTER  
>> CPU at
>> 100%.   Our other routers have the same hardware and IOS but have  
>> <10K
>> entries and work fine.
>
> 	When you say getnext/getbulk, I presume you mean a snmp v2c bulkwalk?
> Or are you using snmp V1?
>
>> This is an old problem with CISCO and I thought they might have  
>> finally
>> fixed it in SXI, but NOT.
>>
>> The problem is the ARP entries are stored internally in a hashed  
>> format
>> and SNMP needs them in an ordered format, so for every snmp PDU the  
>> CPU
>> must get the entire ARP table and crunch it to create the ordered PDU
>> response.  This will take place for as many PDUs as it takes to  
>> retrieve
>> the entire table.   There does appear to be a point  (size of ARP  
>> table)
>> at which it takes very long to retrieve the whole table which seems  
>> to be
>> around 12K but with a 16K table it takes forever.
>>
>> In the attached PDF from CISCO they explain the problem and also  
>> state
>> the if you turn on CEF (has always been on for long time) that it is
>> much faster since the FIB is already in a lexical order that snmp  
>> likes.
>> Since CEF is always on, why does it still take so long.
>
> 	(The list strips the pdf files, you can email them to me to
> post on puck, or give a pointer to the pdf on cisco.com)
>
>>
>>
>>
>> At this point we basically cannot do any retrieval of the ARP   
>> tables.
>>
>>
>>
>> Their must be many other groups that have this same problem or I have
>> really missed something.
>>
>>
>> I will open up a ticket with CISCO if nobody out there has an answer.
>>
>> Currently we use an expect script to get the table via CLI which is  
>> much
>> faster but it doesn't help tools that must use snmp.
>>
>>
>> Thanks for any help.
>>
>>
>> Jeff Fitzwater
>> OIT Network Systems
>> Princeton University
>
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> -- 
> Jared Mauch  | pgp key available via finger from jared at puck.nether.net
> clue++;      | http://puck.nether.net/~jared/  My statements are  
> only mine.

More information about the cisco-nsp mailing list