Our IP Input cpu processes show command, shows that we are using about 60% of its capacity which is apparently huge.
We had no major changes in our configuration, we followed some steps in the cisco documentation on troubleshooting it, but to no avail.
We have a Cisco WS-3550 48 Port EMI
We have about 400 vlans with their own subnets and some static routes going to different vlans (all that is part of our migration to one subnet per customer). As per our graphs, there are some slight changes in cpu usage at times but fairly stays steady at the amount stated above.
We are not sure where to check now, can you please provide any help?
If you've troubleshot the situation according to this document and you still haven't been able to pinpoint the problem, you may want to think of a code upgrade.
I've seen this before a few times on the 3550 and the problem has been a bug in the code. Oftentimes, bugs remain dormant until something triggers them.
You can use the Cisco IOS planner to plan an upgrade.
1) We have the latest IOS for that machine
2) We did not do ALL the steps as we are not even sure exactly what to look for. The steps mentionned for us since we have over 400 vlans, is very extensive to check every single details.
Anything you may recommend?
Can you show your config (just the base stuff and one VLAN - we don't need to see all 400 if they're configured the same).
One thing that we just tripped over fairly recently is if you are using RPF with an access list - that has to get handled in software as opposed to hardware. IE:
ip verify unicast source reachable-via rx
is in hardware,
ip verify unicast source reachable-via rx 100
(with 100 being an ACL) is in software.
That is just a very wild stab in the dark, however.
Here is our configuration split in different sections separated by .. .. ..
I am sending a little bit of every section of our config file so you may help. I also replaced with "XXXX" every part I did not want to publish which should not affect the diagnosis anyways.
I have attached the configuration file.
Check if you have any IP route statement configured pointing to a specific IP address.
ip route 10.10.10.0 188.8.131.52 184.108.40.206
The only one I have routing to a specific IP is the one that goes out to my provider so:
ip route 0.0.0.0 0.0.0.0 XXX.XXX.XXX.XXX
That is the only one, telling anything you do not know send to this location which is my provider.
Please let me know. Very appreciated
what I see from the configuration is lots of routes configured in the following fasion -
ip route X.X.X.X X.X.X.X vlan2
change these statements to
ip route X.X.X.X X.X.X.X vlan2 next-hop-ip
Observer the CPU utilization.
But what is next-hop-ip ?? We want those IP's to go to that vlan specified.. Can you explain what difference it with the next-hop-ip ??
Well we are using a cisco ws 3550 48 port emi switch, that connects to about several cisco 2950 switches as uplinks and then connects to the servers from those 2950's.
The GIGE uplinks on the 3550 are connected to the provider.
Hope this helps