We are investigating a problem with unreasonably high CPU utilization, with one of our FWSM modules in a 6509-E. This is a newly implemented module with practically zero traffic passing through it but still, the CPU is at 20-22%. Here's some information:
<FWSM>/actNoFailover# sh ver
FWSM Firewall Version 3.1(10)
Device Manager Version 6.2(1)F
<FWSM>/actNoFailover# show pc conn
0 in use, 0 most used
<FWSM>/actNoFailover# sh resource usage
Resource Current Peak Limit Denied Context
Telnet 1 2 5 0 System
ASDM 1 1 5 0 System
Conns 11 35 unlimited 0 System
Xlates 12 124 unlimited 0 System
Hosts 12 124 unlimited 0 System
fw-mgmtdc-kln-01/actNoFailover# sh processes cpu-hog
MAXHOG NUMHOG LASTHOG Process
-------------- --------------- --------------- ---------
<FWSM># sh cpu usage
CPU utilization for 5 seconds = 18%; 1 minute: 18%; 5 minutes: 18%
Please let me know if you require any additional information so that i will provide them. Any help as to why we are getting such high CPU readings, will be greatly appreciated.
Do you have OSPF enabled on the FWSM? If so, it is normal and expected that the CPU utilization increase to around 20% continuously, with no traffic through the FWSM.
Even though the CPU is at 20% due to the OSPF process, that process will yield the CPU usage if it is required for other, higher priority tasks (such as packet processing on the control-point).
You can do "sh process", wait for 60 seconds and do it again.
Than you load the columns for the processes in a spreadsheet and subtract them and you will see what process kept the cpu for the most amount of time.
The you will know which process is eating up your cpu most.
I hope it helps.