cpu utilization for cisco 1803

Answered Question
Sep 21st, 2010
User Badges:

Hallo, we have a cisco 1803 isr router connected to a 4Mbps shdl line.


We use the line for data and voip.




HERE IS PART OF "SH VER"




router1803#
router1803#show version
Cisco IOS Software, C180X Software (C180X-ADVIPSERVICESK9-M), Version 12.4(6)T5, RELEASE SOFTWARE (fc1)


...
System image file is "flash:c180x-advipservicesk9-mz.124-6.T5.bin"



....



Cisco 1803 (MPC8500) processor (revision 0x400) with 118784K/12288K bytes of memory.
Processor board ID FCZ11161178, with hardware revision 0000




1 DSL controller
9 FastEthernet interfaces
1 ISDN Basic Rate interface
1 ATM interface
31360K bytes of ATA CompactFlash (Read/Write)




Configuration register is 0x2102



router1803#




The qos is configured on router.


Sometimes we have voice quality problem and I suspect that the router is "overloaded" but I can't find an indication about HIGH CPU UTILIZATION VALUES.




HERE IS "SH PROCESS CPU HISTORY"





router1803#sh processes cpu history




router1803   03:30:40 PM Tuesday Sep 14 2010 CEST




                                                            
        11111     33333111112222211111                      
    222299999222220000077777555559999966666     66666     7777
100                                                           
90                                                           
80                                                           
70                                                           
60                                                           
50                                                           
40                                                           
30               *****     *****                             
20     *****     ********************                        
10     *****     *************************     *****     *****
   0....5....1....1....2....2....3....3....4....4....5....5....
             0    5    0    5    0    5    0    5    0    5  
               CPU% per second (last 60 seconds)
                                                            
    3111111111111111111111111211121111111 11  1 11111211111111
    0167328764758666855445655256204473927503593831555034322671
100                                                           
90                                                           
80                                                           
70                                                           
60                                                           
50                                                           
40                                                           
30 *                                                         
20 * **  *** *********  ******* *  * * *         ****     ** 
10 #**#******####**##******##*###*##*************#*******####**
   0....5....1....1....2....2....3....3....4....4....5....5....
             0    5    0    5    0    5    0    5    0    5  
               CPU% per minute (last 60 minutes)
              * = maximum CPU%   # = average CPU%
                                                                        
    2232331111111111112222222123221111111111111111111111111111111111111113
    0304308566764665583825564971858454552345544454444455555525655653555330
100                                                                       
90                                                                       
80                                                                       
70                                                                       
60                                                                       
50                                                                       
40                                                                       
30   * **             * ***  ****                                       *
20 ************ ****************** * **   **   *     ****** ****** ***  ***
10 ************************************************************************
   0....5....1....1....2....2....3....3....4....4....5....5....6....6....7.
             0    5    0    5    0    5    0    5    0    5    0    5    0
                   CPU% per hour (last 72 hours)
                  * = maximum CPU%   # = average CPU%




router1803#






Someone can tell me when we can say that the cpu of the router is overloaded for this model ?




best regards




francesco

Correct Answer by jorge.calvo about 6 years 7 months ago

Hello,


Please see my answers:


1) when we can say that the cisco1803 cpu is overloaded , what is the threshold from "sh process cpu history" output ?


     It can be said a router CPU is overloaded when it reaches high CPU load values and it starts to impact the service, usually CPU > 75 - 80% sustained  during a period of time and not only a few spikes.


For a cisco router what is in the last 60'' the cpu threshold utilization that we can consider an overload ?


     Everything above 75 - 80% can be considered an overload.


2) here is the QoS config, we can see that there are voip drops, but we don't know why


     The part I would not have implemented that way is how you match the VoIP traffic on the class-map VOIP. You are using an ACL that matches all the IP traffic from one host to the rest of the network. If you want to use an ACL, I would configure it to match UDP and TCP ports used on VoIP and in both directions, something like:


Matching H.323 traffic:

    

     access-list 102 permit udp any any range 16384 32776


If the phones already tag the voice packets or they are tagged before leaving the router you can use an ACL like:


     access-list 102 permit udp any any dscp ef


If the phones do not tag the traffic or you do not know the UDP port range you can use:


     access-list 102 permit udp host 77.244.176.156 any


However, if possible it would be recommended a configuration like:


     class-map VOIP

          match ip precedence 5

or

     class-map VOIP

          match ip dscp ef

         


I would match VoIP signalling traffic too using an ACL matching TCP traffic on port 1720 on both directions


or with a class-map like:


     class-map VOIP_SIGNAL

          match ip dscp cs5


Hope this helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
jorge.calvo Tue, 09/21/2010 - 04:48
User Badges:
  • Bronze, 100 points or more

Hello,


Your CPU is not overloaded at all. If you suffer voice issues in congestion times it could be because a wrong QoS configuration for VoIP traffic.


Please, post the QoS configuration related to VoIP.


Cheers.

fsoffia Wed, 09/22/2010 - 05:09
User Badges:

Hi Jorge,


1) when we can say that the cisco1803 cpu is overloaded , what is the threshold from "sh process cpu history" output ?


For a cisco router what is in the last 60'' the cpu threshold utilization that we can consider an overload ?


2) here is the QoS config, we can see that there are voip drops, but we don't know why



!
ip cef
!
controller DSL 0
mode atm
line-term cpe
line-mode 4-wire standard
dsl-mode shdsl symmetric annex B
line-rate 4096
!
class-map match-all VOIP
match access-group 102
class-map match-all DATI
match access-group 103
!
!
policy-map WAN-OUT
class VOIP
  priority 200
class DATI
  bandwidth 2700
class class-default
  fair-queue
!        
!
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface ATM0
bandwidth 3550
no ip address
load-interval 30
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
description ATM Symmetric SHDSL
bandwidth 3550
ip address 80.244.115.108 255.255.255.0
ip virtual-reassembly
rate-limit input access-group 101 3000000 562500 1125000 conform-action transmit exceed-action drop
no snmp trap link-status
pvc 8/35
  vbr-nrt 3550 3550
  tx-ring-limit 3
  oam-pvc manage
  encapsulation aal5snap
  service-policy output WAN-OUT
  max-reserved-bandwidth 85
!
!
interface Vlan1
description LAN Pubblica
ip address 77.244.176.153 255.255.255.248
no ip redirects
no ip proxy-arp
rate-limit input access-group 103 3000000 562500 1125000 conform-action transmit exceed-action drop
load-interval 30
!
ip route 0.0.0.0 0.0.0.0 ATM0.1
!
!
access-list 101 permit ip any host 77.244.176.154
access-list 102 permit ip host 77.244.176.156 any
access-list 103 permit ip host 77.244.176.154 any
!


###


cisco1803#sh policy-map interface atM 0.1
ATM0.1: VC 8/35 -


  Service-policy output: WAN-OUT


    Class-map: VOIP (match-all)
      1600925 packets, 116412747 bytes
      30 second offered rate 109000 bps, drop rate 0 bps
      Match: access-group 102
      Queueing
        Strict Priority
        Output Queue: Conversation 136
        Bandwidth 200 (kbps) Burst 5000 (Bytes)
        (pkts matched/bytes matched) 1600925/116412747
        (total drops/bytes drops) 811/69490


    Class-map: DATI (match-all)
      2922252 packets, 832988161 bytes
      30 second offered rate 180000 bps, drop rate 0 bps
      Match: access-group 103
      Queueing
        Output Queue: Conversation 137
        Bandwidth 2700 (kbps)Max Threshold 64 (packets)
        (pkts matched/bytes matched) 2922252/832988161
        (depth/total drops/no-buffer drops) 0/0/0


    Class-map: class-default (match-any)
      2392528 packets, 2481745524 bytes
      30 second offered rate 317000 bps, drop rate 0 bps
      Match: any
      Queueing
        Flow Based Fair Queueing
        Maximum Number of Hashed Queues 128
        (total queued/total drops/no-buffer drops) 0/0/0
cisco1803#
cisco1803#sh int atm 0
ATM0 is up, line protocol is up
  Hardware is MPC ATMSAR
  MTU 4470 bytes, sub MTU 4470, BW 3550 Kbit, DLY 90 usec,
     reliability 255/255, txload 41/255, rxload 52/255
  Encapsulation ATM, loopback not set
  Encapsulation(s): AAL5 , PVC mode
  23 maximum active VCs, 1024 VCs per VP, 1 current VCCs
  VC Auto Creation Disabled.
  VC idle disconnect time: 300 seconds
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 811
  Queueing strategy: Per VC Queueing
  30 second input rate 737000 bits/sec, 293 packets/sec
  30 second output rate 574000 bits/sec, 363 packets/sec
     4041852 packets input, 1012441364 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 7 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     6930786 packets output, 3432377868 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 output buffer failures, 0 output buffers swapped out
cisco1803#



What could be the problem ?


thankyou


Francesco

Correct Answer
jorge.calvo Wed, 09/22/2010 - 06:55
User Badges:
  • Bronze, 100 points or more

Hello,


Please see my answers:


1) when we can say that the cisco1803 cpu is overloaded , what is the threshold from "sh process cpu history" output ?


     It can be said a router CPU is overloaded when it reaches high CPU load values and it starts to impact the service, usually CPU > 75 - 80% sustained  during a period of time and not only a few spikes.


For a cisco router what is in the last 60'' the cpu threshold utilization that we can consider an overload ?


     Everything above 75 - 80% can be considered an overload.


2) here is the QoS config, we can see that there are voip drops, but we don't know why


     The part I would not have implemented that way is how you match the VoIP traffic on the class-map VOIP. You are using an ACL that matches all the IP traffic from one host to the rest of the network. If you want to use an ACL, I would configure it to match UDP and TCP ports used on VoIP and in both directions, something like:


Matching H.323 traffic:

    

     access-list 102 permit udp any any range 16384 32776


If the phones already tag the voice packets or they are tagged before leaving the router you can use an ACL like:


     access-list 102 permit udp any any dscp ef


If the phones do not tag the traffic or you do not know the UDP port range you can use:


     access-list 102 permit udp host 77.244.176.156 any


However, if possible it would be recommended a configuration like:


     class-map VOIP

          match ip precedence 5

or

     class-map VOIP

          match ip dscp ef

         


I would match VoIP signalling traffic too using an ACL matching TCP traffic on port 1720 on both directions


or with a class-map like:


     class-map VOIP_SIGNAL

          match ip dscp cs5


Hope this helps.

fsoffia Thu, 09/23/2010 - 01:08
User Badges:

thankyou Jorge,

I'll rewrite he ACL for better match


Francesco

Actions

This Discussion