Cisco Firewall :: ASA 5510 And 2960S - CSC SSM High CPU Usage
Jan 28, 2013
I have configured an ASA 5510 and 2960S 48 port switch in a lab environment. I have two laptops connected to seperate subinterfaces with server 2003 as dhcp server for one network. Everything has been working fine as we have been testing the ASA while also testing the csc smm module. When we came in today we noticed the csc module cpu is running at 100% constantly and http traffic is extremely slow. I have not yet received my smartnet contracts from the vendor or I would open a TAC case and I have read on the net that this is a common problem.
Today I've received reports of slow internet access/activity and have noticed myself that it seems a bit slow today. On the dashboard of our asa 5510 the "outside interface" traffic usage is running constantly high. It's at the top of the graph. How can I tell what is causing the spike in utilization. It usually runs at about 1500-2000 Kbps, and now it's up over 10,000.
I recently reboot my asa 5520, I was trying to remove webvpn listening from my outside nic, even though it wasn't configured. [code]I was planning to do another reload without the fast reload option.
I have ASA that just started to reboot through out the day yesterday. It seems to happen every few hours but not in a pattern.Right before it reboots there is a flood of sys log id 305006 messages "portmap translation creation failed for tcp src inside:xxx dst outside:xxx the xlats go from around 2-3k to about 30+k then crash.Memory ussage is already pretty high normally on this device (about %75 used) CPU is around %15-20 I notice that the portmap translation errors are always from 3 inside host.
I'm having a problem with the memory and also trying to create some rules on the CISCO ASA. The version that I got installed was the 8.2.5.33 on a CISCO 5520 with 512 RAM, the memory usage is on 99% used, 1% free and because of that when I'm trying to create a new rule the firewall brings me the next error..So what I did was a downgrade to the version 8.2 (4) 4 and the memory went down a little (82% used, 18% free) but I still got the error when I'm creating an access rule on the device. One thing and I'm not sure if this could affect on the performance are the number of access list and the object groups that are created.
I already open a case with CISCO TAC and they are checking if the problem is with the memory capacity or maybe a memory leak.Also the doubt that I got is with the memory that I got now available should I can create access rules or 82 is still to hig to create a rule or and object group?
I seem to get conflicting information on using the Management port as a regular routed interface on the ASA5510..The management interface can be used for the traffic that passes through the firewall as well. The Security Plus License for the ASA 5510 is required in order to use the management0/0 port as a regular interface. With a base license on the 5510, the management0/0 port cannot be used as a regular interface.
I believe that I saw another post that mentioned it was part of the standard IOS if you had a later version.
I have little experience with firewalls, what I've learned has been by dealing with issues like this that arise from time to time.I know, I need to upgrade the version. It's in the works now. Anyways, my question/problem is: Today I've received reports of slow internet access/activity and have noticed myself that it seems a bit slow today. On the dashboard of our asa 5510 the "outside interface" traffic usage is running contstantly high. It's at the top of the graph. How can I tell what is causing the spike in utilization. It usually runs at about 1500-2000 Kbps, and now it's up over 10,000.
We recently added about 400 users to our network for a total of 1000. Looking at the ASDM we are holding very tight to 75% utilization and we have 256mbs. This is also running IOS 8.2(1). Our firewall recently crashed after a major download was forced through it. This was after only being booted up for about a week. We had reloaded it a week prior after having ran it for about a year without issue. We havent made any changes in the last month other than adding more users to our network.
When a physical switchport/routed port has high usage, you can move the link to a higher capacity port, upgrade the port, bond links, etc. What exactly do you do when an SVI has high usage? I guess you could remove some servers from the VLAN, but that doesn't seem like a reasonable solution. What dictates the capacity of an SVI? The backplane of the switch?
I have a 1841 router plugged into a 100M Comcast ethernet connection. My router cpu is really high and users download speed isn't as high as before. Can a 1841 handle 100M circuit with 100 users on it? What would cause the router's cpu to be high? I don't think there are any viruses or malware on the lan.
#sh proc cpu his r2.leaguecity-toy-startoy 06:06:26 PM Wednesday May 30 2012 PST 111 1 1 1 111 24 1 1 1 1 400369232222544222330359645223283294332688334452308404382236
I have a lot of cisco 7206 vxr deviceses. I have a high cpu problem.I have a 7206 vxr g2. I used to use ebgp for three upstream carrier. I used to bgp full route table method. I have about 800 Mbps active traffics and behing the router about 1600 active customers.
How can I trouble shoot this high cpu problem?
#sh int gigabitEthernet 0/1 GigabitEthernet0/1 is up, line protocol is up Hardware is MV64460 Internal MAC, address is 000c.cf1d.d01b (bia 000c.cf1d.d01b) Description: ***** GW Interface ***** [Code]....
I have a Cisco 1921 router and it uses 99% of CPU and i cant seem to spot wich process that is taking up the cpu. I have an interface with several sub-interfaces and i am moving data between two of those subnets, i tried the "ip route-cache same-interface"-command on giga bit ethernet 0/1 with all the sub-interfaces like gigabitethernet 0/1.18 and so on. That did not work.
Received this notice from ISP. Does this make sense:We have noticed we are getting a huge number of queries from X.X.X.X and it is showing to be about 98% of the DNS traffic hitting our name servers. It appears that the data consists of reverse lookups to 10.1.0.0 network. It needs to be remediated as soon as possible because it could cause a service interruption.It almost seems as if my router is acting as a DNS server. The isp data consists of reverse lookups to 10.1.0.0 network which would be the internal.
I've got a problem with a core 6509E and the multicast.A client has a system with cams for the physical security and they are connected to a vlan with this config:
interface VlanXip address 172.20.167.1 255.255.255.128ip helper-address 172.20.32.7ip pim version 1ip pim sparse-modeendThe thing is that we know that one server that shows the cams at the security office is flooding the network and the CPU CORE is over 95% always:
CPU utilization for five seconds: 99%/39%; one minute: 99%; five minutes: 99% 263 644650276 567873287 1135 51.99% 55.06% 55.35% 0 IP Input [Code] ....
i keep getting messages from AVG saying they have detected a very high internet usage, first it was with google and then with firefox..they recommended to shut down and restart..anyone could explain what's going on? I'm not downloadin anything..just checking my mail!
Recently got a mobile broadband dongle for my laptop, shows 7.2 Mbps speed in the status window and under activity the received bytes is shooting up, as I write this is has went from 25,000,000 to 35,000,000, that's about 10 mg for a few seconds, it does this even when I have no page open, I can't see anything in task manager, I don't know why it's downloading so fast when there's nothing there, also because of this it is slowing my browsing down,
We have seen high CPU utilization on some Cisco switches of type 2960S. Also we got info, that applications are running with poor performance or with interruption.Following IOS is loaded: C2960s-universalk9-mz.122.55.SE
I have an issue with 7600 router where CPU goes up to 60-70% and memory is also high. Both due to BGP Router process. URL We are seeing this issue since ISP has upgraded their router 20 days ago. Router also seen following error.I have not reset the BGP session with ISP yet. Is there any way I can supress BGP updates coming from ISP and see if CPU and memory USAGE reduces. IOS version 12.2(33)SRD and RSP720 with PFC 3cXL
My 4500 core always in 60 % cpu utility , and when i run #sh proc cpu sorted i find that 55 29725041543795572214 0 39.43% 41.40% 41.39% 0 Cat4k Mgmt LoPri
Which mean that this process is the top one , and when i run #sh platform health i found that Stub-JobEventSchedul 10.00 15.98 10 64 100 500 20 17 12 29269:55 K2 CpuMan Review 30.00 35.60 30 48 100 500 49 46 32 52390:52
Those two process are the top and they already exceed their maximum rang and when i run #sh platform cpu packet statistics i can find that Packets Received by Packet Queue
I have an issue with 7600 router where CPU goes up to 60-70% and memory is also high. Both due to BGP Router process. [URL] According to our baseline it should not be more than 40% at any given time. We see high CPU uptp 70% consistently.
CPU utilization for five seconds: 99%/0%; one minute: 57%; five minutes: 55% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 442 66173704 90234125 733 96.86% 46.09% 46.30% 0 BGP Router 7 509291060 26330202 19342 1.17% 3.90% 2.99% 0 Check heaps
Router has 1 eBGP session with ISP from where it downloads whole IPv4 internet routing table and two IBGP session with other two rotuer. When I look at BGP summary table I see many updates received from ISP and sent out to IBGP neighbors. Also did debug BGP updates to confirm it.
We are seeing this issue since ISP has upgraded their router 20 days ago. Router also seen following error.
%BGP-6-BIGCHUNK: Big chunk pool request 628 for community. Replenishing with malloc
I have not reset the BGP session with ISP yet. Is there any way I can supress BGP updates coming from ISP and see if CPU and memory USAGE reduces. IOS version 12.2(33)SRD and RSP720 with PFC 3cXL
My CAT 4510 switch is showing 99.9% CPU usage almost through out the day. After some analysis i saw that the “Cat4k Mgmt LoPri” process is having 86% CPU utilization. This process is a package that is including multiple process.
Within this package, two processes have been identified which are causing this shock which are “K5L3Unicast Adj Tabl” and “K5 L2 Hardware Addre” .
This indicates that some heavy activity is going on CEF adjacency table and RP MAC Address Table. My current IOS version is 12.2(53)SG
i have cisco 7600 router , here is show run : Gateway7600#sh run Building configuration...
Current configuration : 4787 bytes ! ! Last configuration change at 09:08:04 UTC Sat Apr 20 2013 by xxxx ! version 15.2 service timestamps debug datetime msec [Code]....
I'm having issue with one stubborn process that is consuming nearly all the CPU on all of my switches. I tried googling it, but had no luck. The process is "hulc nrgyz PD di"
We recently configured a stack of four 48 port 3750-x switches . We are noticing high CPU usage. "Hulc LED process" seems pretty high. This has coincided with VMware servers getting slow and non-responsive at times, perhaps a coincidence, not sure. Below I provided some outputs about how to diagnose it.
I have a 2 Cisco 3750X stacked working as CORE switches but not in production yet showing a high CPU utilization and I would like to see with you whether you think this is normal or a IOS upgrade/downgrade should be performed.
I have very low traffic coming through as this is not yet in production:
We have two c6509 budled in VSS. I have noticed randomly high usage of CPU, sometimes up to 99% in peaks. I have found that it can be generated by SNMP engine. So I unconfigure all SNMP things. But situation is the same. I would like to know if this state is OK or not. CPU shows are enclosed in file.
I have a couple of Switches Blade 3120, working as active-standby model (HSRP) on a new site deployment. There are other 20 sites more or less, working on the same model, without issues. But in this one, we are seeing a high cpu usage. The traffic going through the platform is 600Mbps (on peaks), and in this case we have 40% of CPU usage. Traffic should be close to 3 Gbps. When we tried to send the whole traffic through the platform, active switch began to drop packets on the majority of interfaces.
When we analyze the CPU usage, there is a special process called "HL3U bkgrd proce" always have the most CPU use, but we do not know what concerns. We do not know if it is caused because there are PBRs configured. It should not matter. How I mentioned, there are other sites working fine and have had always the same PBR number.
What is causing the high usage?. Is there a special debug we could to perform to diagnose the issue?. Also, we have seen a high interrupt CPU usage (9% in this case).
bog-sib-INT-rtr-1#show processes cpu sorted 5sec CPU utilization for five seconds: 30%/9%; one minute: 25%; five minutes: 23% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
