Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2588
Views
9
Helpful
2
Replies

High CPU usage after configured PBR

minkoaung139
Level 1
Level 1

‎10-13-2013 08:17 AM - edited ‎03-07-2019 04:00 PM

Hi,

I have some issue with high cpu usage on my cisco Catalyst 4500 L3 Switch.

After I configured Policy Base Routing(PBR), cpu utilization was about 97% when the high traffic was passing through to this policy.

Please kindly let me know how to solve this issue.

Thanks.

Regards,

Min

Labels:
0 Helpful
2 Replies 2

Wilson Bonilla
Level 3
Level 3

‎10-16-2013 12:31 PM

Hello Minko

The Catalyst 4500 switching engine supports matching a "set next-hop" route-map action with a packet on a permit ACL. All other route-map actions, as well as matches of deny ACLs, are supported by a flow switching model. In this model, the first packet on a flow that matches a route-map will be delivered to the software for forwarding. Software determines the correct destination for the packet and installs an entry into the TCAM so that future packets on that flow are switched in hardware. The Catalyst 4500 switching engine supports a maximum of 4096 flows.

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/25ewa/configuration/guide/pbroute.html#wpxref23550

In order to resolve this problem following this step:

When route-maps are used in conjunction with access-lists then you should only permit in the acls to match traffic and then use permit/deny as needed in the route-map. For example if you wanted to deny network 10.5.5.0/24 and permit network 10.6.6.0/24 you would do the following:

access-list 1 permit 10.5.5.0 0.0.0.255

access-list 2 permit 10.6.6.0 0.0.0.255

route-map cisco deny 5

match ip address 1

route-map cisco permit 10

match ip address 2

Regards.

Wilson B

Please rate useful post!!

minkoaung139
Level 1
Level 1
In response to Wilson Bonilla

‎10-17-2013 08:43 AM

Hi Wilson,

Thanks for your reply.

Please let me tell about my configuration details.

I have three internet lines(LineA, LineB and LineC).

LineA for default gateway and LineB and LineC used for another purpose.

I have three subnet (172.16.1.0/26, 172.16.1.64/26, 172.16.1.128/25) that are used in Policy Based Routing.

I used internet LineB for subnet 172.16.1.0/26 and internet lineC for subnet (172.16.1.64/26 and 172.16.1.128/25).

So, my configuration for policy base routing is -

ip access-list extended LineB

permit ip 172.16.1.0 0.0.0.63 any

ip access-list extended LineC

permit ip 172.16.1.128 0.0.0.127 any

permit ip 172.16.1.64 0.0.0.63 any

route-map PBR permit 100

match ip address LineB

set ip default next-hop 10.10.10.1

route-map PBR permit 101

match ip address LineC

set ip default next-hop 10.10.20.1

These two lines(LineB and LineC) have high bandwidth usage everyday.

Whenever the LineB used the high bandwidth(about 16 to 20 Mbps), the cpu utilization was ok and just a little bit high.

But for LineC, whenever it used the high bandwidth(about 16 to 20 Mbps), the cpu utilization was quite bad and over 90% usage.

I used "set ip default next-hop" because I have to use local routing table of core switch for other vlan and intranet network connectivity.

In this case, how can I solve this high cpu utilization issue?

Great thanks for your reply.

Regards,

Min Ko

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card