[c-nsp] Cisco 7201 (G2) Traffic Performance (High CPU Utilization)

Troy Boutso sensible115 at gmail.com
Tue Oct 14 22:37:34 EDT 2014 

Hey

I have recently deployed several 7201s (NPE-G2 Processor/1G RAM) in a
network, which once primarily consisted of Cisco 3570 Switches acting as
routers, but due to the requirement of more advanced features such as
traffic shaping, MPLS, VPNs etc. My company has decided to purchase this
platform due to the appealing pricing etc.

I've had quiet a bit of exposure to this platform in my past roles, more as
an LNS / VPN contentrator ... and it seemed to do the job fine.

I've gone ahead and installed IOS (C7200P-ADVENTERPRISEK9-M), Version
15.2(4)S based on a recommendation and the fact that this is the IOS which
was purchased with the hardware.

The routers (which have been deployed and in production) are configured to
take a physical Gigabit hand-off for a Layer 2 - 200Mbps WAN p2p circuit
and route the traffic to/from a stack of 3750X switches which is acting as
a core.

The design is very basic at the moment. I have no ACLS, Policy routing or
anything out of the ordinary. I have simple ospf point-to-point adjacencies
over the wan link and to the core switch (via a static port-channel)

The issue: The routers are doing about 120Mbps/60Mbps on the WAN link and
the reciprocal of that via the port-channel sub-interface towards the core
stack.

I see the CPU utilization is already at 35-38% constantly. Which I believe
is very high considering the amount of traffic the box is supposedly
capable of doing.
The traffic is primarily voice traffic + web traffic.
Naturally the PPS is higher than usual but well below the 2Million the box
can do.

PPS on WAN LINK = 45000 / 40000
PPS on Port-Channel = 40000 / 45000


Here is a sample of the "show proc cpu sorted" command:

CPU utilization for five seconds: 33%/33%; one minute: 33%; five minutes:
33%
 PID Runtime(ms)     Invoked      uSecs   5Sec   1Min   5Min TTY Process
   1           0           4          0  0.00%  0.00%  0.00%   0 Chunk
Manager
   2         132      241474          0  0.00%  0.01%  0.00%   0 Load Meter

   3        3220       89788         35  0.00%  0.00%  0.00%   0 LDP Main

   4           0           1          0  0.00%  0.00%  0.00%   0 RO Notify
Timers
   5      749848      168032       4462  0.00%  0.05%  0.05%   0 Check
heaps
   6        1440       20371         70  0.00%  0.00%  0.00%   0 Pool
Manager
   7           0           1          0  0.00%  0.00%  0.00%   0 DiscardQ
Backgro
   8           0           2          0  0.00%  0.00%  0.00%   0 Timers

   9           8         499         16  0.00%  0.00%  0.00%   0 WATCH_AFS

  10        3824       26245        145  0.00%  0.00%  0.00%   0 ARP Input

  11           8     1259247          0  0.00%  0.00%  0.00%   0 ARP
Background
  12           0           2          0  0.00%  0.00%  0.00%   0 ATM Idle
Timer
  13           0           1          0  0.00%  0.00%  0.00%   0 ATM ASYNC
PROC
  14           0           1          0  0.00%  0.00%  0.00%   0
AAA_SERVER_DEADT
  15           0           1          0  0.00%  0.00%  0.00%   0 Policy
Manager
  16           0           2          0  0.00%  0.00%  0.00%   0 DDR Timers

  17           0           5          0  0.00%  0.00%  0.00%   0 Entity MIB
API


Ultimately I want to know am I simply hitting a practical limit of the box
already?
I'm very scared to enable more WAN links on these routers as I am affraid
it will max out the available resources.

I am happy to provide any further information that is not provided in this
message.
The running config is extremely lean at the moment. MPLS /LDP is enabled
CEF is running. All data packets (asides from OSPF and ISIS packets) are
handled by CEF.

I understand this platform is not hardware forwarding like an ASR, or the
like. However it seems to be a little too soon for us to be stressing a box
like this one.

Kind Regards
Nick

More information about the cisco-nsp mailing list