×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Performance limitations on the CSS - What are they ?

Unanswered Question
Nov 15th, 2006
User Badges:

Hi, we have two CSS11503 and two 11050 boxes which we think could be hitting the limits in how much traffic, concurrent connections etc they can handle.


Does anyone have a link to the Cisco figures for what these boxes can handle, and is there a way to get this info from the boxes ?


cheers,


Mike

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Wed, 11/15/2006 - 02:05
User Badges:
  • Cisco Employee,

Mike,


from the box, you can do a 'flow stat' in debug/llama mode.


Check the following info:


Number of Free fast-path FCBs 131071

Number of Flow Drops 0

Max Number of Flow Control Blocks 537157


If you have drops, this is a sign you have reached the limit.

If your number of free FCB is low, the risk to have drops is high.


That's for the number of concurrent connections.


For number of new connection/sec, you should check the CPU with


'show system-resources'.

If you're continously high above 60% on all modules, you're close to the limit of traffic the box can handle.


Gilles.

michael.e.reid Wed, 11/15/2006 - 04:18
User Badges:

Thanks for the great reply Gilles.


For the flow stats our figures look OK:


Number of Free fast-path FCBs 64223

Number of Flow Drops 0

Max Number of Flow Control Blocks 116648


But our SCM and SAM are continuosly at 100% which is obviously not good.


But would be not expect to see flow drops when our processors are maxed out ?


We are having an issue with only one content rule at the moment, could we have an issue with a single process, or perhaps a memory leak ?


cheers,


Mike

Gilles Dufour Wed, 11/15/2006 - 06:12
User Badges:
  • Cisco Employee,

Mike,


the drop counter in the flow stat increases when there is no FCM memory available. No if the box is overload.


For your cpu issue, you may check 'sho ip stat' to see what amount of traffic you get.


There is the possibility of a process going crazy and consuming all CPU, but I do not think you would have both SCM and SAM running very high at the same time.


You can do a 'cpu hog 1' to see the most recent process. Do it several times.

If the same process comes again and again that's the one consuming the CPU.

If it is something like tFlowMgrPktRx it means you are simply receiving a lot of traffic.


Is your content rule affecting the box a L7 rule ? If yes, try to make it L3/4 to see if that helps. Just to confirm this is related t o traffic.


Gilles.

michael.e.reid Fri, 11/17/2006 - 04:41
User Badges:

Gilles,


Does the output below tell me that I have a max of 116648 concurrent flows (well 53324, half as a TCP flow uses up two) that the CSS can handle on this processor.


Max Number of Flow Control Blocks 116648


cheers,


Mike


Actions

This Discussion