Cisco switch 4500 is reaching 100% cpu ..Cat4k Mgmt HiPri &Cat4k Mgmt LoPri

Unanswered Question
Jan 9th, 2008

27 2395914764 542826111 4413 11.91% 9.66% 8.92% 0 Cat4k Mgmt HiPri

28 31552541603834021125 822 2.55% 3.78% 6.49% 0 Cat4k Mgmt LoPri

Please let me know how to stop these process...



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
mnorwood Wed, 01/09/2008 - 09:53

Do you have any systems using multiple ports off this switch? I have seen servers advertising the same MAC into multiple ports cause this problem.

manikpalekar Wed, 01/09/2008 - 12:36

Thnks for ur reply ...i have done teaming on windows servers but it creates virtual mac address.I wud be thankful if I know how to check which server is creating problem...?

mnorwood Wed, 01/09/2008 - 13:03

I am not sure how many devices you have plugged into this switch so this could take a while depending on the number attached. I would run a "show mac-address-table" and look for duplicates. The easiest way to find them if you are dealing with hundreds of mac addresses is to export the list to a CSV file and then sort it by the mac field. Once you find a duplicate, you could run a "show arp | include xxxxxxx" where the X's are the last 4 of the mac address in question.

I can't recall if there was any sort of error that was in the log or not. If you don't have too many servers with teaming, you could try shutting down the second interface on these servers one at a time and seeing which one causes the utilization to go down. Then you will have found the culprit. If I remember correctly, there had to be a steady flow of traffic at the server for this problem to crop up. I don't know of a way to check active sessions traversing the 4506, other than those terminating at the 4506 itself.

Hope this helps.

manikpalekar Wed, 01/09/2008 - 13:44

Thanks ..its working ..

mac address type protocols

0000.0c07.ac00 static ip,ipx,assigned,other Switch

could u explain ..what it means.

manikpalekar Wed, 01/09/2008 - 13:53

I found some duplicate entries...

3 0000.0c07.ac01 dynamic ip,other GigabitEthernet8/13

5 0000.0c07.ac01 static ip,ipx,assigned,other Switch

101 0000.0c07.ac01 dynamic ip GigabitEthernet8/25

interface GigabitEthernet8/13

description *** connected to FWP inside ***

switchport access vlan 3

switchport mode access


LAN#sh run int gi8/25

Building configuration...

Current configuration : 190 bytes


interface GigabitEthernet8/25

description Connected to Router

switchport access vlan 101

switchport mode access

speed 100

duplex full

qos trust dscp

The scenario is - Router -Transparent firewall-Swicth...

mnorwood Wed, 01/09/2008 - 14:10

I'm not sure it's going to be a router or firewall causing the issue. Do you have any servers that are showing up on multiple ports with the same MAC? Ultimately, you can shutdown one of the ports with a duplicate MAC and by process of elimination find the device causing the issue.

mnorwood Wed, 01/09/2008 - 14:08

You are looking for entries that are "dynamic" as opposed to static. You should see a switch port referenced next to the dynamic ports. That tells you the interface the device is connected to.


This Discussion