Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Frozen router problem

--begin ciscomoderator note-- The following post has been edited to remove potentially confidential information. Please refrain from posting confidential information on the site to reduce security risks to your network. -- end ciscomoderator note --

Hi All,

I have encountered the following problem with a 3600 (config below) Freezing and not passing any taffic. this has happend on anumber of occasions. I have shortened the access list which is slightly longer.

Any ideas of possible causes

Thanks in advance

Current configuration : 20304 bytes

!

version 12.1

service nagle

service timestamps debug uptime

service timestamps log uptime

service password-encryption

service sequence-numbers

!

hostname XXXXXXXXX1

!

enable secret 5 --moderator edit--

!

username XXXXXXXXX1 password 7 --moderator edit--

username XXXXXXXXXXX password 7 --moderator edit--

username XXXXXXXXXXX password 7 --moderator edit--

username XXXXXXXXXXX password 7 --moderator edit--

!

!

!

!

ip subnet-zero

no ip finger

no ip domain-lookup

!

ip inspect name conferencing tcp

ip inspect name conferencing ftp

ip inspect name conferencing http java-list 51

ip audit notify log

ip audit po max-events 100

isdn switch-type basic-net3

!

!

!

interface Ethernet0/0

no ip address

shutdown

!

interface Serial0/0

no ip address

shutdown

!

interface Ethernet0/1

no ip address

shutdown

!

interface BRI1/0

no ip address

shutdown

isdn switch-type basic-net3

!

interface BRI1/1

no ip address

shutdown

isdn switch-type basic-net3

!

interface BRI1/2

no ip address

shutdown

isdn switch-type basic-net3

!

interface BRI1/3

no ip address

shutdown

isdn switch-type basic-net3

!

interface Ethernet2/0

description Connection to XXXXXXXXXXX

ip address XXXXXXXXXXX 255.255.255.0

ip access-group 101 in

ip access-group 102 out

ip inspect XXXXXXXXXXX in

ip ospf message-digest-key 10 md5 7 --moderator edit--

!

interface Serial2/0

description Kilostream connection to XXXXXXXXXXX

no ip address

shutdown

!

interface Ethernet2/1

description Connection to XXXXXXXXXXX NAT router via ethernet

ip address XXXXXXXXXXX 255.255.255.252

load-interval 30

!

interface Serial2/1

no ip address

shutdown

!

interface BRI3/0

no ip address

ip inspect XXXXXXXXXXX out

encapsulation ppp

dialer rotary-group 1

dialer priority 255

isdn switch-type basic-net3

no cdp enable

!

interface BRI3/1

no ip address

ip inspect XXXXXXXXXXX out

encapsulation ppp

dialer rotary-group 2

dialer priority 255

isdn switch-type basic-net3

no cdp enable

!

interface BRI3/2

no ip address

ip inspect XXXXXXXXXXX out

encapsulation ppp

dialer rotary-group 3

dialer priority 255

isdn switch-type basic-net3

no cdp enable

!

interface BRI3/3

no ip address

shutdown

isdn switch-type basic-net3

!

interface Dialer1

description Connection to XXXXXXXXXXX

ip address XXXXXXXXXXX 255.255.255.252

ip access-group 102 in

ip access-group 101 out

ip directed-broadcast

ip inspect XXXXXXXXXXX out

encapsulation ppp

no keepalive

dialer in-band

dialer idle-timeout 1800

dialer string XXXXXXXXXXX

dialer load-threshold 60 either

dialer-group 5

no cdp enable

ppp authentication chap

ppp multilink

!

interface Dialer2

description ISDN connection to XXXXXXXXXXX

ip address XXXXXXXXXXX 255.255.255.252

ip access-group 102 in

ip access-group 101 out

ip inspect conferencing out

encapsulation ppp

no keepalive

dialer in-band

dialer idle-timeout 300

dialer string XXXXXXXXXXX

dialer load-threshold 60 either

dialer-group 6

no cdp enable

ppp authentication chap

ppp multilink

!

interface Dialer3

description Backup ISDN to XXXXXXXXXXX

ip address XXXXXXXXXXX 255.255.255.252

ip access-group 102 in

ip access-group 101 out

ip inspect XXXXXXXXXXX out

encapsulation ppp

no keepalive

dialer in-band

dialer idle-timeout 300

dialer string XXXXXXXXXXX

dialer string XXXXXXXXXXX

dialer load-threshold 60 either

dialer-group 6

no cdp enable

ppp authentication chap

ppp multilink

!

router ospf 323

log-adjacency-changes

area 3 authentication message-digest

redistribute connected metric 1 metric-type 1 subnets

redistribute static metric 1 metric-type 1 subnets

network XXXXXXXXXXX.0 0.0.0.255 area 3

!

ip classless

ip route XXXXXXXXXXX 255.255.255.128 XXXXXXXXXXX

ip route XXXXXXXXXXX 255.255.255.128 XXXXXXXXXXX

ip route XXXXXXXXXXX 255.255.255.128 XXXXXXXXXXX 250

ip route XXXXXXXXXXX 255.255.255.128 XXXXXXXXXXX

no ip http server

!

access-list 51 permit any

access-list 71 permit XXXXXXXXXXX

access-list 71 permit XXXXXXXXXXX

access-list 71 permit XXXXXXXXXXX

access-list 71 permit XXXXXXXXXXX

access-list 71 permit XXXXXXXXXXX

access-list 101 permit ospf any any

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX 0.0.1.255 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX 0.0.3.255 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX 0.0.1.255 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX 0.0.255.255 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.31 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX0.0.255.255 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.15 any eq 5750

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq www

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq www

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq www

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq www

access-list 101 permit tcp XXXXXXXXXXX 0.0.1.255 any eq www

access-list 101 permit tcp XXXXXXXXXXX 0.0.3.255 any eq www

access-list 101 permit tcp XXXXXXXXXXX 0.0.1.255 any eq www

access-list 101 permit tcp XXXXXXXXXXX 0.0.255.255 any eq www

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq www

access-list 101 permit tcp XXXXXXXXXXX.0 0.0.0.255 any eq www

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.31 any eq www

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq www

access-list 101 permit tcp XXXXXXXXXXX 0.0.255.255 any eq www

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.15 any eq www

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.1.255 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.3.255 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.1.255 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.255.255 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.31 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.255.255 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.15 any eq 1433

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX 0.0.1.255 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX 0.0.3.255 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX 0.0.1.255 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX 0.0.255.255 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.31 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX 0.0.255.255 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX172.25.22.16 0.0.0.15 any eq 1073

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq telnet

access-list 101 permit tcp XXXXXXXXXXX 0.0.0.255 any eq telnet

access-list 102 permit ospf any any

access-list 102 permit icmp any any echo-reply

access-list 102 permit icmp any any traceroute

access-list 102 permit icmp any any time-exceeded

access-list 102 permit icmp any any packet-too-big

access-list 102 permit icmp any any unreachable

dialer-list 5 protocol ip permit

dialer-list 6 protocol ip permit

snmp-server community btconf RO

snmp-server location XXXXXXXXXXX

snmp-server contact XXXXXXXXXXX

snmp-server chassis-id XXXXXXXXXXX

banner motd ^CC*** NO UNAUTHORISED ACCESS ***

^C

!

line con 0

exec-timeout 30 0

password 7 --moderator edit--

logging synchronous

login

transport input none

line aux 0

line vty 0 4

access-class 71 in

exec-timeout 30 0

password 7 --moderator edit--

login

3 REPLIES
Cisco Employee

Re: Frozen router problem

That is because of high cpu on a router. We need to see which process is hogging the cpu of the router. So for that you need to plug the console on a router and leave it and hopefully router will exhibit some indication (like tracebacks) about process spiking the cpu.

Also try to moniter the box using "sh proc cpu" and see what process is spiking it when cpu goes near 90 to 99%.

New Member

Re: Frozen router problem

Hi there,

I have telneted into the router and had a look at the CPU, the highest usage is :

PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process

25 913040 992092 920 0.57% 0.73% 0.72% 0 IP Input

Your previous statment (plug the console on a router and leave it) do I need to have any thing else running while hyper terminal is up ?

Also not sure what you mean when you say trace backs.

Cisco Employee

Re: Frozen router problem

When you issue "sh proc cpu" you need to see the first line where it reports the cpu usage in general with 1, 5 min avg etc. If that is beyond 80% for 5 min average, its a problem so after that you need to start seeing the processee which is hogging it.

Here is the url for troubleshooting high cpu on a router.

http://www.cisco.com/warp/public/63/highcpu.html

Now leave the console plugged in. Router will exhibit some error messages or some indication during high cpu on a console. Also remove "logging synchronous" from the line con 0.

105
Views
0
Helpful
3
Replies
CreatePlease login to create content