2650 IP Input High CPU Utilization Problem

Discussion in 'Cisco' started by Brian R. Jack, Sep 10, 2004.

  1. I have a 2650 deployed as an edge device in a distributed internet
    provisioning environment. The router has 2 parallel per-packet load-shared
    T1 connections with internal DSU WICs and only the single fast ethernet
    interface for the LAN side that is being trunked to a Cat 4006. The config
    has been in place for over 2 years without a hitch until a recent ISP change
    that has created a huge problem. Basically the IP Input process
    incrementally consumes more and more proc time over about 2 hours to the
    point where I have to reload the router in order for traffic to pass
    through.

    Specifics:

    IOS 12.1(5)T10
    64MB RAM

    25 fast ethernet subinterfaces mapped to VLANs hosted on a Cat4006, all subs
    have private IP subnets assigned to them NAT is performed by the router.
    There are over 25 static mappings plus a dynamic pool consisting of 7 IP
    addresses

    2 PPP serial connections to a carrier provided T1 channel bank. T1's are
    running clean and clear, no service-module slips or framing errors noted.
    Serial connections are also clear with no CRC, no i/o drops, no errors etc.
    Load is not out of the ordinary for either connection (both run at about
    15 - 40% tx/rx load).

    CEF and fast switching is enabled on all interfaces
    Netflow accounting is enabled
    CEF per-packet load-sharing is enabled on serial interfaces

    I have worked through all of the cisco docs regarding high cpu utilization
    and found nothing out of the ordinary. Initially I concerned that this
    might be an issue caused by some NAT changes that had to be put in effect
    after the ISP change but my traffic levels just don't substantiate that.

    At this point I am looking for any ideas that anyone else might have
    regarding this issue.

    Thanks,
    Brian R. Jack
     
    Brian R. Jack, Sep 10, 2004
    #1
    1. Advertisements

  2. I had a similar problem on one of my edge router. It turned out that NAT was
    causing this over time.

    Added this: ip nat translation tcp-timeout 3000

    Problem solved.

    Oystein
     
    Øystein Berg, Sep 15, 2004
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.