PBR 6500 Increasing the CPU

Unanswered Question
May 25th, 2010

Hello. We have an 6500 WS-SUP720-3BXL. We have some traffic entering and exiting the router from module 3 (WS-X6748-SFP+CFC) VLAN 836 (USERS), and entering and exiting from the interface Tengiga 7/1 (INTERNET). We configured PBR in this interfaces to redirect the traffic to a Cache servers redirecting the traffic to the interfaces Tengiga 2/1 ( Internet) and 2/2 (Users). Once the traffic passes over the cache, is againg delivered to the router and follows the way to the users or the internet.

The problem is that when we applied the PBR. The CPU goes UP and along the day it seem to follow the growing of the traffic. Can somebody tell me if the traffic is processed switched? or by CEF? Do I need to configure anything?


I Attatch show tech in the moment of the problem.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
francisco_1 Tue, 05/25/2010 - 07:40

Cisco  has identified some serious software issues with the release which you are on. see below for The Release Notes has a brief explanation on what's supported on hardware for PBR

"Policy-based routing (PBR) with hardware assist  for route-map sequences that use the match ip addressset ip next-hop, and set ip  default next-hop PBR keywords."


Other notes:


Multi-VRF Selection Using  Policy Based Routing (PBR):


In releases where CSCsv22779 is not resolved, Multi-VRF Selection Using PBR does not support the use  of reflexive ACLs.


Adds hardware support for the set ip vrf next-hop command. Configure the set ip vrf next-hop command for policy based routing  within the same VRF.



Note The set ip  next-hop command is supported only within the global context, not  within the VRF context.

The PFC provides hardware support for  PBR configured on a tunnel interface.


The PFC does not provides hardware  support for PBR configured with the set ip next-hop keywords if the next hop is a tunnel interface.

If the MSFC address falls within the range of a  PBR ACL, traffic addressed to the MSFC is policy routed in hardware  instead of being forwarded to the MSFC. To prevent policy routing of  traffic addressed to the MSFC, configure PBR ACLs to deny traffic  addressed to the MSFC. (CSCse86399)

Any options in Cisco IOS ACLs that  provide filtering in a PBR route map that would cause flows to be sent  to the MSFC3 to be switched in software are ignored. For example,  logging is not supported in ACEs in Cisco IOS ACLs that provide  filtering in PBR route maps.


PBR traffic through switching module  ports where PBR is configured is routed in software if the switching  module resets. (CSCee92191)"



This Discussion