Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ISR3825 IP NAT Ager 100% CPU

I recently upgraded an ISR3825 from 15.0.1M10 to 15.1.4M8 and I am experiencing a perplexing issue now, this issue was not present before upgrading. 

Basically what's happening is the IP NAT Ager process eats 100% CPU whenever someone on the network starts using a P2P application (bittorrent) via OpenVPN. In the log buffer there is also the following:

009430: *Apr  5 14:42:22 MST: %SYS-4-CHUNKSIBLINGSEXCEED: Number of siblings in a chunk has gone above the threshold. Threshold:10000 Sibling-Count:10139 Chunk:0x6A70A334 Name:NAT Fragment0 C -Process= "Chunk Manager", ipl= 4, pid= 1
-Traceback= 63EC33E4z 63EC33C8z
009431: *Apr  5 14:42:37 MST: %SYS-4-CHUNKSIBLINGSEXCEED: Number of siblings in a chunk has gone above the threshold. Threshold:10000 Sibling-Count:10144 Chunk:0x6A70A334 Name:NAT Fragment0 C -Process= "Chunk Manager", ipl= 4, pid= 1
-Traceback= 63EC33E4z 63EC33C8z
009432: *Apr  5 14:42:49 MST: %SYS-4-CHUNKSIBLINGSEXCEED: Number of siblings in a chunk has gone above the threshold. Threshold:10000 Sibling-Count:10143 Chunk:0x6A70A334 Name:NAT Fragment0 C -Process= "Chunk Manager", ipl= 4, pid= 1
-Traceback= 63EC33E4z 63EC33C8z

There is only about 500 active NAT translations when the CPU is at 100%, which I feel isn't much. The router has 512MB of RAM, which is the recommended amount for this release. I've also checked for alignment errors, none are present. 

The strange thing is I'm not noticing a performance hit like I feel I should, I'm still able to push 100mbps through the router (which is my WAN line speed). 

Starting to wonder whether this is a bug in the new release... Any advice is appreciated. 

 

1 REPLY
Bronze

Open a TAC case, probably is

Open a TAC case, probably is a bug :(

209
Views
0
Helpful
1
Replies