09-09-2009 05:46 AM - edited 03-06-2019 07:39 AM
We have a Catalyst 4006 with a supervisor III that experiences high CPU (80-90%+) for periods of about 20 minutes. We are running IOS version Version 12.2(25)EWA14. We are running 2 OSPF processes on the box. One of the OSPF processes is running in a VRF (VRF Lite). I have checked traffic on the interfaces during the high CPU event and have seen nothing out of the ordinary. There have been no changes to the config that correlate with the start of the CPU spikes. During the high CPU SSH to the box is responsive. Based on the stated config/harware/ios; does anyone have any suggestions for things to check to try to pinpoint what is causing the high CPU?
09-09-2009 08:37 AM
This might provide some guidance.
http://www.cisco.com/en/US/products/hw/switches/ps663/products_tech_note09186a00804cef15.shtml
09-09-2009 08:43 AM
Please try to capture a:
sh proc cpu
sh plat health
During the high cpu period so we can investigate further about the cause
09-09-2009 09:17 AM
09-09-2009 09:37 AM
Thanks, one particular process is really high:
IP Input
There are a couple of causes of this but first lets see if due to icmp redirects the cpu is spiking when there is more traffic.
I don't know if this is your case but normally the 4500 is the default-gateway for the hosts/servers and then you have some routers/firewalls on a separate vlan than the hosts that the 4500 redirects the traffic to.
Do you have routers/firewalls on the same vlan(subnet) than heavy traffic users or servers, if so, the 4500 may be sending icmp redirects back to the hosts so they use the router/firewall as the next-hop instead of the 4500. If this is the case then you can disable redirects on the interface vlans of the 4500
"no ip redirects"
09-09-2009 11:49 AM
Thank you for your reply.
We do have "no ip redirects" configured on the interface vlans. The 4000 does serve as the gateway for most of the networks in this area. The gateway is an HSRP address between 2 4000's. The routers/firewalls for these networks are on seperate VLANs.
09-09-2009 01:16 PM
Then it should be traffic being processed by software. try to set up a capture during the period of high util using this:
http://www.cisco.com/en/US/products/hw/switches/ps663/products_tech_note09186a00804cef15.shtml#tool2
09-18-2009 02:03 PM
09-19-2009 07:31 AM
Could try to clear all your counters and see if you are experiencing input/output drops during high cpu.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide