Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2781
Views
0
Helpful
6
Replies

high cpu load after switching on SSH

Go to solution
ROLAND CUNZ
Level 1
Level 1

‎12-27-2005 11:19 PM - edited ‎03-03-2019 11:19 AM

Hi all

10 days ago I configured SSH on a 2610XM with IOS 12.3(16) IPsec 3DES feature set. Since then I recognize high cpu load (sometimes 100%) on that router.

Is someone there who can give me a hint?

Thanks in advance

Roland

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
spremkumar
Level 9
Level 9
In response to ROLAND CUNZ

‎12-28-2005 12:08 AM

Hi

Can u pls try upgrading the ios code to any of the following one and check ?

12.3(16.11), 12.4(4.9), 12.4(4.9)T, 12.3(16a)

i did see some bugs mentioned for 12.3(16) related to memory leak ,Spurious Memory ,High CPU usage..

http://cisco.com/cgi-bin/Software/Iosplanner/Planner-tool/printsa.pl?get_crypto=&data_from=&hardware_name=2610XM-2611XM&software_name=&release_name=12.3.16&majorRel=12.3&state=:HW:RL&type=Limited%20Deployment&file=12.3.16.c.html

regds

View solution in original post

0 Helpful
6 Replies 6

Go to solution
spremkumar
Level 9
Level 9

‎12-27-2005 11:42 PM

Hi

Would suggest to check out which process exactly hogs up the system.

you can make use of show process cpu command to check the same or show process cpu sorted will give u refined o/p.

also refer these links to know more on the same..

http://www.cisco.com/warp/public/63/highcpu.html

http://www.cisco.com/warp/public/63/showproc_cpu.html

regds

0 Helpful

Go to solution
ROLAND CUNZ
Level 1
Level 1
In response to spremkumar

‎12-27-2005 11:51 PM

Hi

thanks for your answer. I checked the show process cpu already. But I forgot to post the result. Sorry. It's the SSH process which is the top process in the list. If I disable ssh the load goes to a normal value (approx. 30%).

regards

Roland

0 Helpful

Go to solution
spremkumar
Level 9
Level 9
In response to ROLAND CUNZ

‎12-28-2005 12:08 AM

Hi

Can u pls try upgrading the ios code to any of the following one and check ?

12.3(16.11), 12.4(4.9), 12.4(4.9)T, 12.3(16a)

i did see some bugs mentioned for 12.3(16) related to memory leak ,Spurious Memory ,High CPU usage..

http://cisco.com/cgi-bin/Software/Iosplanner/Planner-tool/printsa.pl?get_crypto=&data_from=&hardware_name=2610XM-2611XM&software_name=&release_name=12.3.16&majorRel=12.3&state=:HW:RL&type=Limited%20Deployment&file=12.3.16.c.html

regds

0 Helpful

Go to solution
ROLAND CUNZ
Level 1
Level 1
In response to spremkumar

‎12-28-2005 02:16 AM

Hi

I've made the upgrade on that router to 12.3(16a) and now the load decreased rapidly. Obviously there is a bug in the other release.

Thanks for your hint.

Roland

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP

‎12-28-2005 12:40 AM

Hello Roland,

you might be dealing with SSH port scans, try and restrict SSH access as much as possible, by using an access list on the external facing interface on your router:

access-list 101 permit tcp host 10.10.10.1 host 192.168.1.1 eq 22

This example would allow SSH connections only between the two hosts specified.

HTH,

GP

This would deny SSH for all connections

0 Helpful

Go to solution
ROLAND CUNZ
Level 1
Level 1
In response to Georg Pauwen

‎12-28-2005 02:19 AM

Hi

thanks for your hint. You are right. But there is a ACL already in place.

regards

Roland

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card