Cisco Support Community

Increased CPU due to Firewall

Hi CSC,

I came across an interesting symptom. Please refer to the following topology.

host 1 <-> R1 <-> R2 <-> FW <-> host2

Host 1 is configured to send syslog to host2; however, because the firewall ACL is not configured, this has caused a spike to 99% in R1, which already has 70% - 80% CPU.

My questions are :

1) Even if the firewall is sending RST back to host 1, it should not cause a 20% CPU increase in R1. Why is this so? The router model is 3620.

2) How do I prevent this from happening in future? This could potentially allow someone to send random traffic to hosts and cause network performance issues. Is there a way to turn off the RST response from the firewall? This is a Cisco ASA.

Rgrds,

Benson

1 REPLY

Increased CPU due to Firewall

Hi,

What's the IOS on the 3620?

So you're saying that if there is a log message sent from host 1, passing through R1, it will cause a 20% CPU process spike?
