IP CEF hardware adjacency resources exhausted on Catalyst 4500
I have a Cat 4510R with IOS 12.2(25)EW 5, and we are migrating an old network and connecting it to this switch. We defined a temporary VLAN xxx, configured with an IP address 10.1.102.x with a /24 bit mask, where the old network is connected. The old network has the IP subnet 10.1.x.x. The Cat 4500 has other VLANs defined with IP addresses of 10.1.x.x /24, so we need to define a new VLAN for the old network, and the IP subnets that do not belong to this one have to resolve the route through proxy ARP. The switch has a default route through this VLAN xxx.
The problem we have is that the IP CEF table ("show ip cef details") is populated with too many entries (Internet hosts are also in the table) and sometimes this error appears: Feb 20 11:05:38: %C4K_IOSIPROUTEMAN-3-ADJMANNOMOREADJS: AdjMan: hardware adjacency resources exhausted, performance may be degraded.
It seems the problem is related to this configuration, but I don't know what I can do to resolve it without changing the IP subnetting in the old network, which includes all the servers. Most of the hosts are now connected to the Cat 4500, but the servers, a few hosts, the firewall and the Internet connection are still in the old network.
Error Message C4K_IOSIPROUTEMAN-3-ADJMANNOMOREADJS:AdjMan:hardware adjacency resources exhausted, performance may be degraded.
Explanation Hardware adjacency resources have been exhausted. The Supervisor Engine III will forward packets to this adjacency in software. This action will likely represent a significant performance degradation.
Recommended Action Reduce the number of adjacencies loaded into the routing table, and then clear the IP routing table.
In your case I believe the problem is with the default route you have pointing directly to the VLAN999 interface. The network diagram provided shows legacy servers in the 10.1.0.0/16 network. You have a specific host route configured and a default route as follows:
ip route 0.0.0.0 0.0.0.0 Vlan999
ip route 10.1.1.50 255.255.255.255 Vlan999
So basically, every packet that matches the longest prefix of 0.0.0.0 (or doesn't have another FIB entry) will be sent out the VLAN999 interface, and a subsequent ARP will be generated to learn the MAC to forward to.
Preferably the static routes would point to a next-hop IP on a multiaccess interface. Are there multiple Layer 3 devices you could point the routes to, to avoid the excessive ARPing? If not, can you limit the default route to point to the firewall and assign the /16 route to the interface?
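
An added example, not part of the thread and not Cisco tooling: a Python check that scans a saved configuration for static routes that name only a multiaccess interface, the pattern the reply identifies, and reports how many destination addresses each one could turn into separately ARP-resolved adjacencies. The interface-name pattern and the last three sample routes (including the next hop 10.1.102.254) are constructed assumptions.

```python
import ipaddress
import re

# Interface name prefixes treated as multiaccess (assumption for this example).
MULTIACCESS = re.compile(r"^(Vlan|Port-channel|\w*Ethernet)\d", re.IGNORECASE)
# ip route [vrf NAME] PREFIX MASK TARGET [NEXT-HOP ...]
ROUTE = re.compile(r"^\s*ip route (?:vrf \S+ )?(\S+) (\S+) (\S+)(?: (\S+))?")

# First two lines are from the thread; the rest are constructed for contrast.
SAMPLE_CONFIG = """\
ip route 0.0.0.0 0.0.0.0 Vlan999
ip route 10.1.1.50 255.255.255.255 Vlan999
ip route 192.0.2.0 255.255.255.0 Vlan999 10.1.102.254
ip route 198.51.100.0 255.255.255.0 10.1.102.254
ip route 203.0.113.0 255.255.255.0 Null0
"""

def is_ip(token):
    try:
        ipaddress.IPv4Address(token)
        return True
    except ValueError:
        return False

def audit_static_routes(config_text):
    """Return static routes that point at a multiaccess interface with no next-hop IP."""
    findings = []
    for line in config_text.splitlines():
        m = ROUTE.match(line)
        if not m:
            continue
        prefix, mask, target, extra = m.groups()
        if is_ip(target):
            continue  # next-hop IP: one adjacency serves the whole prefix
        if not MULTIACCESS.match(target):
            continue  # Null0 or point-to-point: no per-destination ARP
        if extra and is_ip(extra):
            continue  # interface plus next-hop IP
        net = ipaddress.IPv4Network(f"{prefix}/{mask}", strict=False)
        findings.append({"line": line.strip(), "interface": target,
                         "possible_adjacencies": net.num_addresses})
    # Widest prefix first: that route can create the most adjacencies.
    return sorted(findings, key=lambda f: f["possible_adjacencies"], reverse=True)

if __name__ == "__main__":
    for f in audit_static_routes(SAMPLE_CONFIG):
        print(f"{f['possible_adjacencies']:>12}  {f['line']}")
```
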