High CPU utilization due to high ARP Input process
One of the Cat 6500 VSS switches have been experiencing high cpu peaks for sometime. On analysis it was observed that it was due to high 'ARP Input' process. There are no static routes configured in this switch, no incomplete ARP entries or any inferences of DoS attack.
DIST_SW>sh proc cpu
CPU utilization for five seconds: 98%/31%; one minute: 79%; five minutes: 37%
PID Runtime(ms)InvokeduSecs5Sec1Min5Min TTY Process
I suspect it could be due to "proxy-arp" turned on by default under the interfaces and arranging to disable it. I've also started engaging server teams to verify if the subnet mask & default-gateway are configured correctly in all the servers along with any static routes configured pointing to a NIC as next-hop.
UK_PR_DIST_02>sh ip traffic | b ARP
Rcvd: 1752882295 requests, 30808911 replies, 3228 reverse, 0 other
Re: High CPU utilization due to high ARP Input process
Hi, thanks for your reply. I had already sniffed the traffic and shared ip /mac addr of hosts innolved in ARP broadcasts. However server admin didnt find any anamoly with the NIC settings. Disabling proxy ARP is more of protecting switches from being hit by ARP storm.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.