cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1298
Views
0
Helpful
6
Replies

3825 High CPU Problem

Hi everyone

I'm battling with a high CPU problem on a Cisco 3825 router (C3825-ADVIPSERVICESK9-M, Version 12.3(14)T7). I have identified packet marking (rate-limit with set-prec-transmit) as the culprit.

When the rate-limiting is enabled, it is marking only about 8mbit of the input traffic. In this configuration, the router's CPU hits 100% at about 140Mbps of combined in/out traffic, and it is unable to handle any more.

When I switch off the rate-limiting, the router passes the required load of about 200mbit/sec with under 30% CPU utilisation.

Should rate-limits be causing such high CPU usage, considering that only a small amount of input traffic is being marked? If so, is there a better strategy to mark packets which will use less CPU? There are about 25 rate-limits marking 25 different ACLs.

Thanks

6 Replies 6

Danilo Dy
VIP Alumni
VIP Alumni

Hi,

There might be overlapping ip address between 25 ACLs. Can you post your config?

Regards,

Dandy

Unfortunately I cannot post the config because the addresses are all public. Would overlapping ACLs cause this problem?

Most likely, try to remove rate-limit with overlapping ACL (or amend your ACL) and re-apply it to the interface.

Could "access-list compiled" possibly help in this situation ?

Thanks! That has reduced the CPU significantly. What are the drawbacks to using this command?

One might be that this feature possibly isn't supposed to be on that platform.

At least on the 28xx series, it existed on the early 12.4 mainline releases but was later "fixed" (pulled). Queried TAC about this "fix", and was told it was pulled because the feature isn't supported on the lower end router platforms.

Otherwise, the only "negative" I've seen with it on any platform is its usage of some additional RAM.

[edit]

From http://www.cisco.com/en/US/docs/ios/12_1t/12_1t5/feature/guide/dttacl.html

"Supported Platforms

•Cisco 7200 series routers

•Cisco 7500 series routers

"

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: