Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

high cpu load after switching on SSH

Hi all

10 days ago I configured SSH on a 2610XM with IOS 12.3(16) IPsec 3DES feature set. Since then I recognize high cpu load (sometimes 100%) on that router.

Is someone there who can give me a hint?

Thanks in advance

Roland

1 ACCEPTED SOLUTION

Accepted Solutions

Re: high cpu load after switching on SSH

Hi

Can u pls try upgrading the ios code to any of the following one and check ?

12.3(16.11), 12.4(4.9), 12.4(4.9)T, 12.3(16a)

i did see some bugs mentioned for 12.3(16) related to memory leak ,Spurious Memory ,High CPU usage..

http://cisco.com/cgi-bin/Software/Iosplanner/Planner-tool/printsa.pl?get_crypto=&data_from=&hardware_name=2610XM-2611XM&software_name=&release_name=12.3.16&majorRel=12.3&state=:HW:RL&type=Limited%20Deployment&file=12.3.16.c.html

regds

6 REPLIES

Re: high cpu load after switching on SSH

Hi

Would suggest to check out which process exactly hogs up the system.

you can make use of show process cpu command to check the same or show process cpu sorted will give u refined o/p.

also refer these links to know more on the same..

http://www.cisco.com/warp/public/63/highcpu.html

http://www.cisco.com/warp/public/63/showproc_cpu.html

regds

New Member

Re: high cpu load after switching on SSH

Hi

thanks for your answer. I checked the show process cpu already. But I forgot to post the result. Sorry. It's the SSH process which is the top process in the list. If I disable ssh the load goes to a normal value (approx. 30%).

regards

Roland

Re: high cpu load after switching on SSH

Hi

Can u pls try upgrading the ios code to any of the following one and check ?

12.3(16.11), 12.4(4.9), 12.4(4.9)T, 12.3(16a)

i did see some bugs mentioned for 12.3(16) related to memory leak ,Spurious Memory ,High CPU usage..

http://cisco.com/cgi-bin/Software/Iosplanner/Planner-tool/printsa.pl?get_crypto=&data_from=&hardware_name=2610XM-2611XM&software_name=&release_name=12.3.16&majorRel=12.3&state=:HW:RL&type=Limited%20Deployment&file=12.3.16.c.html

regds

New Member

Re: high cpu load after switching on SSH

Hi

I've made the upgrade on that router to 12.3(16a) and now the load decreased rapidly. Obviously there is a bug in the other release.

Thanks for your hint.

Roland

VIP Purple

Re: high cpu load after switching on SSH

Hello Roland,

you might be dealing with SSH port scans, try and restrict SSH access as much as possible, by using an access list on the external facing interface on your router:

access-list 101 permit tcp host 10.10.10.1 host 192.168.1.1 eq 22

This example would allow SSH connections only between the two hosts specified.

HTH,

GP

This would deny SSH for all connections

New Member

Re: high cpu load after switching on SSH

Hi

thanks for your hint. You are right. But there is a ACL already in place.

regards

Roland

1056
Views
0
Helpful
6
Replies
CreatePlease to create content