Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
11228
Views
6
Helpful
3
Replies

IP NAT Ager overloading my CPU

Go to solution
mathieu.ploton
Level 1
Level 1

‎02-08-2010 07:01 AM - edited ‎03-04-2019 07:26 AM

Hello,


I have a big issue with the VPN router of a small office (70 users). This router is also use for Internet browsing. The router cpu is around 99% due to the IP NAT AGER process.

CPU utilization for five seconds: 99%/3%; one minute: 97%; five minutes: 90%
PID Runtime(ms)   Invoked      uSecs   5Sec   1Min   5Min TTY Process
178     2755628     43326      63602 94.43% 93.54% 85.06%   0 IP NAT Ager

sh ip nat tra

Total active translations: 31819 (0 static, 31819 dynamic; 31819 extended)
Outside interfaces:
  FastEthernet0/0
Inside interfaces:
  FastEthernet0/1
Hits: 725042  Misses: 47287
CEF Translated packets: 750176, CEF Punted packets: 11536
Expired translations: 43226
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 10 interface FastEthernet0/0 refcount 11819
Appl doors: 0
Normal doors: 0
Queued Packets: 0

interface Tunnel1
bandwidth 1024
ip address zzzz 255.255.255.252
ip mtu 1420
ip tcp adjust-mss 1350
keepalive 10 3
tunnel source xxxxx
tunnel destination yyyyy
!
interface FastEthernet0/0
ip address y.y.y.y 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map WANMAP
!
interface FastEthernet0/1
ip address x.x.x.x 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto

ip nat inside source list 10 interface FastEthernet0/0 overload

What is this ? Are there worms on my LAN ? Is it the virtual reassembling thing that is creating some issues ?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
spremkumar
Level 9
Level 9
In response to mathieu.ploton

‎02-11-2010 04:08 AM

Hi

To find out the root cause you can enable netflow in your local lan interface and find out whats happening with the traffic transactions.

With that you can come to a solid conclusion or atleast get a clue on what is making or hogging the CPU up.

Configure ip route-cache flow under your local lan ethernet interface and make use of show ip cache flow to check the traffic transactions.

Hope the below link helps u out.

http://www.cisco.com/en/US/docs/ios/12_3/switch/command/reference/swi_s1.html#wp1066187

regds

View solution in original post

3 Replies 3

Go to solution
paolo bevilacqua
Hall of Fame
Hall of Fame

‎02-08-2010 11:09 AM

Buggy IOS, upgrade.

Go to solution
mathieu.ploton
Level 1
Level 1
In response to paolo bevilacqua

‎02-09-2010 02:32 AM

It's quite new : flash:c1841-advipservicesk9-mz.124-19.bin

0 Helpful

Go to solution
spremkumar
Level 9
Level 9
In response to mathieu.ploton

‎02-11-2010 04:08 AM

Hi

To find out the root cause you can enable netflow in your local lan interface and find out whats happening with the traffic transactions.

With that you can come to a solid conclusion or atleast get a clue on what is making or hogging the CPU up.

Configure ip route-cache flow under your local lan ethernet interface and make use of show ip cache flow to check the traffic transactions.

Hope the below link helps u out.

http://www.cisco.com/en/US/docs/ios/12_3/switch/command/reference/swi_s1.html#wp1066187

regds

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card