Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
972
Views
0
Helpful
1
Replies

WAAS - Cisco 7609 High CPU issue

mitpatel79
Level 1
Level 1

‎07-26-2013 05:26 AM

Hello,

We had an issue on a working day where Cisco 7609 as WAN Core routers dropped PIM/BGP/ISIS due to high CPU peaking 99%-100%; also downstrean distribution routers (Cisco 6500 MSFC) reached high CPU as well resulting in creating multicast entries in Partial SC state. We found that one of the WAAS device (WAE-7371-K9) had rebooted twice that morning due to hardware issue and software was corrupted; WAAS is directly connected on Cisco 7609. We isolated the WAAS device which again knocked down all protocols. We could not establish whether high CPU on Cisco 7609 caused by WAAS crash though the timings of WAAS crash and high CPU was almost at the same time.

Also, on Cisco documentation, it mentioned as below; we do have ACLs on Cisco 7609 with port ranges configured.

Catalyst 6500 Series Switches and Cisco 7600 Series Routers Access Control Lists

When WCCP is using mask assignment, any redirect list is merged with the mask information from the appliance and the resulting merged ACL is passed down to the Catalyst 6500 series switch or Cisco 7600 series router hardware. Only Permit or Deny ACL entries from the redirect list in which the protocol is IP or exactly matches the service group protocol are merged with the mask information from the appliance.

The following restrictions apply to the redirect-list ACL:

  • The      ACL must be an IPv4 simple or extended ACL.
  • Only individual source or destination port numbers may      be specified; port ranges cannot be specified.
  • The      only valid matching criteria in addition to individual source or      destination port numbers are dscp or tos.
  • The      use of fragments, time-range, or options keywords, or any TCP flags is not      permitted.

If the redirect ACL does not meet the restrictions shown, the system will log the following error message:

WCCP-3-BADACE: Service <service group>, invalid access-list entry (seq:<sequence>, reason:<reason>)

WCCP continues to redirect packets, but the redirection is carried out in software (NetFlow Switching) until the access list is adjusted.

Please help me understand the correlation of WAAS crash and high CPU on Cisco 7609.

0 Helpful
1 Reply 1

Lei Tian
Cisco Employee
Cisco Employee

‎07-29-2013 09:01 AM

Hi,

Cannot tell whether the high CPU was caused by the WAE crash. You need to open a TAC case, and provide information on what process was running high during that time in order to tell if it is related.

In general, lot time high CPU can happen on 6500/7600 with WCCP if you do not follow the best practice.

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/white_paper_c11-629052.html

HTH,

Lei Tian

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents