Catalyst 4006/Sup III High CPU

Unanswered Question
Sep 9th, 2009
User Badges:

We have a Catalyst 4006 with a supervisor III that experiences high CPU (80-90%+) for periods of about 20 minutes. We are running IOS version Version 12.2(25)EWA14. We are running 2 OSPF processes on the box. One of the OSPF processes is running in a VRF (VRF Lite). I have checked traffic on the interfaces during the high CPU event and have seen nothing out of the ordinary. There have been no changes to the config that correlate with the start of the CPU spikes. During the high CPU SSH to the box is responsive. Based on the stated config/harware/ios; does anyone have any suggestions for things to check to try to pinpoint what is causing the high CPU?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jbrenesj Wed, 09/09/2009 - 08:43
User Badges:
  • Silver, 250 points or more

Please try to capture a:

sh proc cpu

sh plat health

During the high cpu period so we can investigate further about the cause

jbrenesj Wed, 09/09/2009 - 09:37
User Badges:
  • Silver, 250 points or more

Thanks, one particular process is really high:

IP Input

There are a couple of causes of this but first lets see if due to icmp redirects the cpu is spiking when there is more traffic.

I don't know if this is your case but normally the 4500 is the default-gateway for the hosts/servers and then you have some routers/firewalls on a separate vlan than the hosts that the 4500 redirects the traffic to.

Do you have routers/firewalls on the same vlan(subnet) than heavy traffic users or servers, if so, the 4500 may be sending icmp redirects back to the hosts so they use the router/firewall as the next-hop instead of the 4500. If this is the case then you can disable redirects on the interface vlans of the 4500

"no ip redirects"

eaaronseth Wed, 09/09/2009 - 11:49
User Badges:

Thank you for your reply.

We do have "no ip redirects" configured on the interface vlans. The 4000 does serve as the gateway for most of the networks in this area. The gateway is an HSRP address between 2 4000's. The routers/firewalls for these networks are on seperate VLANs.

eaaronseth Fri, 09/18/2009 - 14:03
User Badges:

I've attached the output from the following commands:

debug platform packet all receive buffer

show platform cpu packet statistics

mattwilsonuk Sat, 09/19/2009 - 07:31
User Badges:

Could try to clear all your counters and see if you are experiencing input/output drops during high cpu.


This Discussion