We have a 6509 core with the below modules running for a long time and the utilization used to be always 10 to 13 percent checking with the supplier it was told to us that due to the firewall modue we have and its normal Now 2 days back i noticed the utilzation had jumped to 90 % and now it happened again
I see that on runnung proc cpu
16407 56.1% 56.5% 55.9% ios-base
16430 35.3% 35.2% 33.9% iprouting.iosproc
the modules present
Mod Ports Card Type Model Serial No.--- ----- -------------------------------------- ------------------ ----------- 1 6 Firewall Module WS-SVC-FWM-1 SAD140901XA 3 16 16 port 1000mb GBIC ethernet
We have cisco 4510R+E switch with IOS-XE Software Version 03.01.01.SG RELEASE SOFTWARE (fc1).Our this switch is having two core & one core is always going to about 90% to 98% cpu utilization while other core is showing normal (about 5% to 10%),we check with-This switch is gateway of our LAN.
We suddenly noticed high CPU utilization on one of our 7600 routers. I output of show process CPU showed high utlization for the FM core process. I looked it up but did not find information on what this process does. [code]
We had a core switch(30 vlans) in our environment and it's noticed that CPU utilization of the core switch is showing high during recent days. I have checked logs and processes, but couldn't find the root cause. The issue found only in the office hourly only(after that the cpu utilization is idle and normal). I have already referred the following link to troubleshoot the issue " [URL]
see the following outputs from the core switch
CPU utilization for five seconds: 99%/0%; one minute: 99%; five minutes: 99% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 30 6687557041432420936 466 47.52% 47.10% 45.98% 0 Cat4k Mgmt LoPri 55 30667074884269560256 0 45.36% 45.50% 45.85% 0 IP Input 29 28552856922870089254 0 3.59% 3.50% 3.57% 0 Cat4k Mgmt HiPri
[code]....
Note: Each Invalid source mac entry in each day from same port (above is the output after clearing logs before 3 days)
My queries regarding the issues are following
1) How can we find root cause regarding the high cpu utilization?
2) Is a single invalid mac address makes the cpu highly utilized for suppressing it?
we have two 6513 core switches redundant to each other by using HSRP and MST. Currently we have a problem in a CPU as it's high in both cores as appeared in the following logging message:
From couple of weeks we have observed the cpu utilization of cisco 6509 with SUP 720 is high. During daytime from 9:00 to 21:00 it keeps increasing & reaches 98% & after 21:00 becomes normal.
Cisco 6509 modular IOS getting high cpu in interrupt but the switch process switching is still less. Any sugeestion what could be the problem?
Process sbin/ios-base, type IOS, PID = 16407CPU utilization for five seconds: 12%/81%; Sometimes cpu goes upto 100% Version - s72033-ipservicesk9_wan-vz.122-33.SXH5
I have having two Cisco 6509 both working are my main Core Switches with which I have all my Layer 2 VLANs configured and then distributed thru the trunks links to all the Access Switches. I have L3- Vlans also configured on them with which one switch in primary and the other is secondary. All of sudden last night I got this message on my core switch 2 this for VLAN 1 which is my users LAN, how can I check as to what would have caused the core switch 2 HSRP to be active and then in standby
*Nov 5 23:33:29.296: %HSRP-5-STATECHANGE: Vlan1 Grp 5 state Standby -> Active *Nov 5 23:33:29.796: %HSRP-5-STATECHANGE: Vlan1 Grp 49 state Standby -> Active *Nov 5 23:33:29.804: %HSRP-5-STATECHANGE: Vlan1 Grp 49 state Active -> Speak *Nov 5 23:33:29.920: %HSRP-5-STATECHANGE: Vlan1 Grp 5 state Active -> Speak *Nov 5 23:33:40.144: %HSRP-5-STATECHANGE: Vlan1 Grp 5 state Speak -> Standby *Nov 5 23:33:41.280: %HSRP-5-STATECHANGE: Vlan1 Grp 49 state Speak -> Standby
Also last night i got call from office saying that we are getting huge delay in pinging the default gateway of the user LAN which is the same vlan as the above and it was just for few minutes and then it was back to normal and now when I came to office and check there were no logs in both the core switches. When I checked the cpu utlization it was showing me high on both the switches how can I check as to what would have caused the CPU utilisation to go high all of suddedn?
INPMHCORS01#$ sh processes cpu his 11111 11111 11111 1111111111 8885555588888666669999922222666665555511111777773333300000 100 90 80
I have Active Standby ASA5550 setup with VPN premium license. A few days back we had a requirement of SSL VPN connection for and we got a temporary from Cisco for same, this license expired and the ASA reverted to it's original license. 3 4 days after this we saw a sudden increase in CPU utilization (upto 90% + -5%) on the ASA during production hours but were not able to figure out the reason, in order to restore the services we failovered the firewall to secondary and everything worked fine. We were suspecting one of the following but there were no logs for any of this
1. The ASA hardware was haivng problem
2. Some client was doing a DoS attack to bring down the ASA (no logs for this as well).
We took a downtime to look further by failovering the ASA back to primary and it worked fine without any issues ruling out the 1st option. We also came across a licesing doc [URL]
Downgrading any license (for example, going from 10 contexts to 2 contexts).
# Note If a temporary license expires, and the permanent license is a downgrade, then you do not need to immediately reload the security appliance; the next time you reload, the permanent license is restored.
As per this doc, sooner or later a restart was required on the ASA. We restarted secondary ASA and everthing was fine but when we restarted the primary ASA by swtiching over to secondary some of the server (not all) in the DMZ stopped working (even ICMP unreachable) and only came back to normal when the primary ASA was restored and working fine (with failover).
The reboot was done by shuting down the physical link between the Core switch and ASA inside individually.
I am not sure what could be the issue that the servers in the DMZ wen unreachable.
I have a remote site customer with a Cisco ASA 5540 running SSLVPN (Anyconnect)(8.03). It currently only serves about 450 SSLVPN clients. Since last friday, they've seen the CPU utilization go up to high 90% while only serving 400+ remote users. I saw some high cpu utilization bugs, but none looked to be relevant. How I can find the root cause of the CPU high utilization?
we have ASA 5520 with IOS 8.0 , when i am trying to add more static routes on the inside interface the CPU utilization is going up. one faced the same issue. I am configuring through the cisco ASDM 6.1(3)f.
I am facing high CPU util on my pix 515 E which is in failover mode.During peak hours the util is see rising to 60% where as in off peak hours it is normally12%.
During normal operation the average utilisation was observed to be 30% but suddenly from 2/3 days it is constantly 60% doule the value as earlier. Have gone through the logs and traffic but not able to tarce anything particular
below is the o/p of some command taken for analysis
IOS version 8.0(4) sh cpu usage CPU utilization for 5 seconds = 51%; 1 minute: 61%; 5 minutes: 58% sh cpu usage
Would like to ask for everyones assistance with regards to the problems we are encountering on our PIX525 firewall. Our encountered problem is as follow."PIX 525 experience sudden high CPU utilization every time a Vulnerability System Scan (third part app) is conducted. Based on the previous experiences, the high CPU utilization where experience when a host on a particular VLAN (214) is being scanned. Whenever we removed the said VLAN (214) in the network the CPU utilization of PIX 525 comes back to normal and all connectivity were resumed."The problem just recently appeared, we are conducting vulnerability system scan before and it goes successfully.
We had two PIXes in our environment and working as a active-failover mode. Its noted in now a days the active PIX memory utilization is 98% and for standby PIX it is 96%. And also in some times we were experiencing packet loss to the ip of active PIX and which reflects in the inside servers access also. During that time the active pix was not accessible via ssh as well as ASDM. We have tried reloading the PIX and changing failover state of the PIX, but it results only a temporary solution. Current memory installed is 128 MB (maximum upgraded), so a upgrade is also not possible. Please see the show command outputs from the PIX. Current Software version is 7.2(4)
sh memory output (PIX 1 - active) Free memory: 4850944 bytes ( 4%) Used memory: 129366784 bytes (96%)
[code]....
1) How we can pin point the root cause of this high memory utilization?
2) What might be the reason for the high memory utilization for the standby pix (96%), still the PIX is in idle state?
3) Is it a hardware issue or a memory leak issue, then how can we find out?
4) Is a software upgrade to new version resolves the memory issue?
We recently added about 400 users to our network for a total of 1000. Looking at the ASDM we are holding very tight to 75% utilization and we have 256mbs. This is also running IOS 8.2(1). Our firewall recently crashed after a major download was forced through it. This was after only being booted up for about a week. We had reloaded it a week prior after having ran it for about a year without issue. We havent made any changes in the last month other than adding more users to our network.
I need to create a DMZ Vlan. Core switch is a 6509. FW is an ASA5520. Need to create a VLAN for DMZ purposes for outside facing servers. NAT is used on ASA.
We have an active-active pair of cisco ASA5580-20 with software version 8.4(1)9. There are 8 contexts on it (including admin and system). 1 context is active on Primary node and other 7 are active on Secondary node. User traffic is going through this 1 context (2 interfaces - inside to users, outside to internet) and there are peaks to 1.16M concurrent connections, max bandwidth is 1.25Gbps. CPU usage for this context in peak hours is 63%, but we noticed that when we run "show cpu usage context all" from system it shows that system context is using 25% of CPU and "Total CPU utilization" (form output of show cpu detailed - on system context) is 88% which is bad. In non peak hours - user context use 33.6% CPU, system use 14.5%, total CPU usage is 50.5% So, is it normal this cpu utilization on system context (system on Primary node)?
We have several ASA5540s and 5510s (v8.4.1) being managed by CSM (4.1) Every so often several of the ASAs will send SNMP messages to CSM stating very high CPU utilization reached, usually between 150% and 400% - sometimes as high as 4million %.Obviously you can't get greater than 100%.
I have FSWM active/standby installed in 6509-E core switches running following FWSM Firewall Version 3.1(3) Device Manager Version 5.0(2)F..I want to upgrade to latest FWSM version as well as ASDM, I downloaded asdm-622f.bin and c6svc-fwm-k9.4-1-5.bin from cisco portal. When i checked the show version of FWSM, it says..The Running Activation Key is not valid, using default settings: Running Activation Key: 0x00000000 0x00000000 0x00000000 0x00000000
I have gone through threads on CSC about how to upgrade FWSM in failover mode, now my concern is, Do i have to take care about activation key or keep as it is ? I have maintenance contract with cisco for all devices.
I am having issues trying to track down what is causing a high number of connection on our FWSM in our core 6509 switch. I recently upgraded my FWSM to 3.1(20) and I'm looking for a tool to be able to find the culprit. When I receive these messages I try to get onto the firewall in time to be able to get information regarding this issue but by the time I do the device recovers. Is there a way to tweat the threshold of the SNMP trap for high connections? Is there any way I can retreive this information via SNMP? Is there are command that will allow me to extract the local IP making the most connections?
One of the pur client want to use Cisco 6509 as core Router. STM Module they want to install in it and used as Core Routing through it. Is it ok with core network ?
Our Router 7606 is in a problem with high CPU Utilization. We are using one EBGP and one IBGP session. We are also running OSPF with area 0 between two IBGP router to exchange few local networks. When bandwidth cross 100 MB than only CPU use become 100%. when bandwidth consumption is 80MB CPU use become 80% end so on.
Out put is when bandwidth consumption is 34MB
CPU utilization for five seconds: 44%/43%; one minute: 42%; five minutes: 30% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 78 44 9625 4 0.39% 0.03% 0.00% 2 Virtual Exec 13 40 375 106 0.07% 0.00% 0.00% 0 ARP Input 30 116 1098 105 0.07% 0.01% 0.00% 0 IPC Seat Manager
I have a hight CPU utilisation problem in my CISCO7609-S routers. the cpu utilisation can rise 99% et this is usually. In the moment of hight CPU the the process CPU give the following:
I have a 2811 that is really hitting the CPU hard. Nothing shows on CPU processes. It has an IPsec VPN tunnel back to HQ which also has a 2811 that terminates the VPN. The HQ has 2-3 IPsec tunnels to other remote sites. The CPU at the HQ avg 50% utilization during business hrs, peaks at about 80%. The remote one is very high 95% peaks, avg 80%-95% during business hours with bandwidth utilization of only 10-20Mbps. I read somewhere that its possible that fragmentation could be causing this. My question is, if I set the MTU to 1450 on the remote, I am guessing I will need to do all the other routers as well, the HQ and other remote sites? Siince they use the same outside interface to my HQ, is that correct?
I am observing very high CPU utilization on my Cisco 7206VXR (NPE-G1) Router. We have done all the necessary troubleshooting but not able to identify root cause. [code]
I am running Cisco Prime 4.2(UNIX version) on a VM. CPU utilization will run between 90 and 100% constantly. Reloading the server will stabilize the CPU for a short period of time, however the CPU usage will always return to 90-100% utilization. Currently I have about 130 devices added to the system.
