IP CEF hardware adjacency resources exhausted on Catalyst 4500

asarlo · ‎02-21-2006

Hello,

I have a Cat 4510R with IOS 12.2(25)EW 5 and we are migrating an old network and connecting to this switch. We define a temporary VLAN xxx configured with an ip address 10.1.102.x /24 bits mask where the old network is connected. The old network has the ip subnet 10.1.x.x. The cat 4500 have another VLANs defined with ip address of 10.1.x.x /24 so we need to define a new VLAN for the old network and the IP subnets that not belong to this one, have to resolve the route through proxy arp. The switch have a default route through this VLAN xxx.

The problem we have is that the IP CEF table ("show ip cef details) is populated with too much entrys (internet hosts also are in the table) and sometimes appeared the error : Feb 20 11:05:38: %C4K_IOSIPROUTEMAN-3-ADJMANNOMOREADJS: AdjMan: hardware adjacency resources exhausted, performance may be degraded.

It's seems the problem is related to this configuration but I don't know how can i do to resolve it, without changing the IP subnetting in the old network, that includes all the servers. Now they have most of the hosts connected in the cat 4500 but, the servers, some few hosts, firewall and Internet connection are still in the old network.

Thanks a lot for your help.

Anacelia

jarathbu · ‎02-21-2006

Hello,

Is the static route you have configured pointed to the interface or to the IP address of the interface?

See the following link for additional details:

http://www.cisco.com/en/US/tech/tk827/tk831/technologies_tech_note09186a00800cdf2e.shtml

Hope this helps.

Regards,

James

asarlo · ‎02-22-2006

Hello James,

the default static route point to VLAN 999. I'am attaching you the 4510R configuration and a network diagram. The customer assure that there is no IP address overlap or duplicate addressess.

Thanks for your suggestions.

Regards, Anacelia

jarathbu · ‎02-22-2006

Hello,

==================================================

Error Message C4K_IOSIPROUTEMAN-3-ADJMANNOMOREADJS:AdjMan:hardwar e adjacency resources exhausted, performance may be degraded.

Explanation Hardware adjacency resources have been exhausted. The Supervisor Engine III will forward packets to this adjacency in software. This action will likely represent a significant performance degradation.

Recommended Action Reduce the number of adjacencies loaded into the routing table, and then clear the IP routing table.

==================================================

In your case I believe the problem is with the default route you have pointing directly to VLAN999 interface. The network diagram provided shows legacy servers in the 10.1.0.0/16 network. You have a specific host route configured and a default route as follows:

ip route 0.0.0.0 0.0.0.0 Vlan999

ip route 10.1.1.50 255.255.255.255 Vlan999

So basically, every time a packet matches the longest prefix of 0.0.0.0 (or doesn't have another FIB entry) will be sent out the VLAN999 interface and a subsequent ARP will be generated to learn the MAC to forward to.

Preferrably the static routes would point to a next-hop-ip on a multiaccess interface. Is there are multiple Layer 3 devices you could point the routes to to avoid the excessive ARPing? If not can you limit the default route to point to the firewall and assign the /16 route to the interface.

http://www.cisco.com/en/US/products/hw/iad/ps397/products_tech_note09186a00800a73e9.shtml#topic7

Hope this helps.

Regards,

James