Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

High Utilization of the Router CPU


We encounter a high CPU utilization problem when users run the multi-thread download program. It seems that the program will generate thousands of connections to the server with different client ports. However, some servers cannot accept too many connections. Thousands of requests are rejected or ignored but the program seems continuously sending these requests and trying to occupy all available sessions on the server.

As the router need to handle thousands of useless requests or flows, the effect is just like the DOS attacks which use up all available resources on the network, such as the machine CPU time, bandwidth and network equipment processing power. Although most of routers can handle a large volume of traffic, it is quite sensitive to the number of PPS. You can imagine that if there are four to five users simultaneously running these programs, the border router may be overloaded.

Do you have any suggestion on this issue?

Thanks in advance.



Re: High Utilization of the Router CPU

I must admit I have no praticial experience with regard to this subject, but I would look into rate-limiting the SYN packets (on the router closes to the user).

Have a look at

If you know the port number(s) the download program uses, you can modify the accesslist to only ratelimit syn packets to these ports.

Hope this helps


New Member

Re: High Utilization of the Router CPU

First of all, to get the CPU utilization back to normal , clear all NAT translations.

As this multithreaded pgm doesnot use fixed port number ,blocking of port will not help.But to get rid of this problem use the feature NBAR.