Cisco Firewall :: ASA5520 High CPU Usage CTM Message Handler
Jan 20, 2013
I recently reboot my asa 5520, I was trying to remove webvpn listening from my outside nic, even though it wasn't configured. [code]I was planning to do another reload without the fast reload option.
I have configured an ASA 5510 and 2960S 48 port switch in a lab environment. I have two laptops connected to seperate subinterfaces with server 2003 as dhcp server for one network. Everything has been working fine as we have been testing the ASA while also testing the csc smm module. When we came in today we noticed the csc module cpu is running at 100% constantly and http traffic is extremely slow. I have not yet received my smartnet contracts from the vendor or I would open a TAC case and I have read on the net that this is a common problem.
I have ASA that just started to reboot through out the day yesterday. It seems to happen every few hours but not in a pattern.Right before it reboots there is a flood of sys log id 305006 messages "portmap translation creation failed for tcp src inside:xxx dst outside:xxx the xlats go from around 2-3k to about 30+k then crash.Memory ussage is already pretty high normally on this device (about %75 used) CPU is around %15-20 I notice that the portmap translation errors are always from 3 inside host.
I'm having a problem with the memory and also trying to create some rules on the CISCO ASA. The version that I got installed was the 8.2.5.33 on a CISCO 5520 with 512 RAM, the memory usage is on 99% used, 1% free and because of that when I'm trying to create a new rule the firewall brings me the next error..So what I did was a downgrade to the version 8.2 (4) 4 and the memory went down a little (82% used, 18% free) but I still got the error when I'm creating an access rule on the device. One thing and I'm not sure if this could affect on the performance are the number of access list and the object groups that are created.
I already open a case with CISCO TAC and they are checking if the problem is with the memory capacity or maybe a memory leak.Also the doubt that I got is with the memory that I got now available should I can create access rules or 82 is still to hig to create a rule or and object group?
When a physical switchport/routed port has high usage, you can move the link to a higher capacity port, upgrade the port, bond links, etc. What exactly do you do when an SVI has high usage? I guess you could remove some servers from the VLAN, but that doesn't seem like a reasonable solution. What dictates the capacity of an SVI? The backplane of the switch?
I have a 1841 router plugged into a 100M Comcast ethernet connection. My router cpu is really high and users download speed isn't as high as before. Can a 1841 handle 100M circuit with 100 users on it? What would cause the router's cpu to be high? I don't think there are any viruses or malware on the lan.
#sh proc cpu his r2.leaguecity-toy-startoy 06:06:26 PM Wednesday May 30 2012 PST 111 1 1 1 111 24 1 1 1 1 400369232222544222330359645223283294332688334452308404382236
I have a lot of cisco 7206 vxr deviceses. I have a high cpu problem.I have a 7206 vxr g2. I used to use ebgp for three upstream carrier. I used to bgp full route table method. I have about 800 Mbps active traffics and behing the router about 1600 active customers.
How can I trouble shoot this high cpu problem?
#sh int gigabitEthernet 0/1 GigabitEthernet0/1 is up, line protocol is up Hardware is MV64460 Internal MAC, address is 000c.cf1d.d01b (bia 000c.cf1d.d01b) Description: ***** GW Interface ***** [Code]....
I have a Cisco 1921 router and it uses 99% of CPU and i cant seem to spot wich process that is taking up the cpu. I have an interface with several sub-interfaces and i am moving data between two of those subnets, i tried the "ip route-cache same-interface"-command on giga bit ethernet 0/1 with all the sub-interfaces like gigabitethernet 0/1.18 and so on. That did not work.
Received this notice from ISP. Does this make sense:We have noticed we are getting a huge number of queries from X.X.X.X and it is showing to be about 98% of the DNS traffic hitting our name servers. It appears that the data consists of reverse lookups to 10.1.0.0 network. It needs to be remediated as soon as possible because it could cause a service interruption.It almost seems as if my router is acting as a DNS server. The isp data consists of reverse lookups to 10.1.0.0 network which would be the internal.
I've got a problem with a core 6509E and the multicast.A client has a system with cams for the physical security and they are connected to a vlan with this config:
interface VlanXip address 172.20.167.1 255.255.255.128ip helper-address 172.20.32.7ip pim version 1ip pim sparse-modeendThe thing is that we know that one server that shows the cams at the security office is flooding the network and the CPU CORE is over 95% always:
CPU utilization for five seconds: 99%/39%; one minute: 99%; five minutes: 99% 263 644650276 567873287 1135 51.99% 55.06% 55.35% 0 IP Input [Code] ....
i keep getting messages from AVG saying they have detected a very high internet usage, first it was with google and then with firefox..they recommended to shut down and restart..anyone could explain what's going on? I'm not downloadin anything..just checking my mail!
Recently got a mobile broadband dongle for my laptop, shows 7.2 Mbps speed in the status window and under activity the received bytes is shooting up, as I write this is has went from 25,000,000 to 35,000,000, that's about 10 mg for a few seconds, it does this even when I have no page open, I can't see anything in task manager, I don't know why it's downloading so fast when there's nothing there, also because of this it is slowing my browsing down,
I have an issue with 7600 router where CPU goes up to 60-70% and memory is also high. Both due to BGP Router process. URL We are seeing this issue since ISP has upgraded their router 20 days ago. Router also seen following error.I have not reset the BGP session with ISP yet. Is there any way I can supress BGP updates coming from ISP and see if CPU and memory USAGE reduces. IOS version 12.2(33)SRD and RSP720 with PFC 3cXL
My 4500 core always in 60 % cpu utility , and when i run #sh proc cpu sorted i find that 55 29725041543795572214 0 39.43% 41.40% 41.39% 0 Cat4k Mgmt LoPri
Which mean that this process is the top one , and when i run #sh platform health i found that Stub-JobEventSchedul 10.00 15.98 10 64 100 500 20 17 12 29269:55 K2 CpuMan Review 30.00 35.60 30 48 100 500 49 46 32 52390:52
Those two process are the top and they already exceed their maximum rang and when i run #sh platform cpu packet statistics i can find that Packets Received by Packet Queue
I have an issue with 7600 router where CPU goes up to 60-70% and memory is also high. Both due to BGP Router process. [URL] According to our baseline it should not be more than 40% at any given time. We see high CPU uptp 70% consistently.
CPU utilization for five seconds: 99%/0%; one minute: 57%; five minutes: 55% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 442 66173704 90234125 733 96.86% 46.09% 46.30% 0 BGP Router 7 509291060 26330202 19342 1.17% 3.90% 2.99% 0 Check heaps
Router has 1 eBGP session with ISP from where it downloads whole IPv4 internet routing table and two IBGP session with other two rotuer. When I look at BGP summary table I see many updates received from ISP and sent out to IBGP neighbors. Also did debug BGP updates to confirm it.
We are seeing this issue since ISP has upgraded their router 20 days ago. Router also seen following error.
%BGP-6-BIGCHUNK: Big chunk pool request 628 for community. Replenishing with malloc
I have not reset the BGP session with ISP yet. Is there any way I can supress BGP updates coming from ISP and see if CPU and memory USAGE reduces. IOS version 12.2(33)SRD and RSP720 with PFC 3cXL
My CAT 4510 switch is showing 99.9% CPU usage almost through out the day. After some analysis i saw that the “Cat4k Mgmt LoPri” process is having 86% CPU utilization. This process is a package that is including multiple process.
Within this package, two processes have been identified which are causing this shock which are “K5L3Unicast Adj Tabl” and “K5 L2 Hardware Addre” .
This indicates that some heavy activity is going on CEF adjacency table and RP MAC Address Table. My current IOS version is 12.2(53)SG
i have cisco 7600 router , here is show run : Gateway7600#sh run Building configuration...
Current configuration : 4787 bytes ! ! Last configuration change at 09:08:04 UTC Sat Apr 20 2013 by xxxx ! version 15.2 service timestamps debug datetime msec [Code]....
I'm having issue with one stubborn process that is consuming nearly all the CPU on all of my switches. I tried googling it, but had no luck. The process is "hulc nrgyz PD di"
We recently configured a stack of four 48 port 3750-x switches . We are noticing high CPU usage. "Hulc LED process" seems pretty high. This has coincided with VMware servers getting slow and non-responsive at times, perhaps a coincidence, not sure. Below I provided some outputs about how to diagnose it.
I have a 2 Cisco 3750X stacked working as CORE switches but not in production yet showing a high CPU utilization and I would like to see with you whether you think this is normal or a IOS upgrade/downgrade should be performed.
I have very low traffic coming through as this is not yet in production:
We have two c6509 budled in VSS. I have noticed randomly high usage of CPU, sometimes up to 99% in peaks. I have found that it can be generated by SNMP engine. So I unconfigure all SNMP things. But situation is the same. I would like to know if this state is OK or not. CPU shows are enclosed in file.
I have a couple of Switches Blade 3120, working as active-standby model (HSRP) on a new site deployment. There are other 20 sites more or less, working on the same model, without issues. But in this one, we are seeing a high cpu usage. The traffic going through the platform is 600Mbps (on peaks), and in this case we have 40% of CPU usage. Traffic should be close to 3 Gbps. When we tried to send the whole traffic through the platform, active switch began to drop packets on the majority of interfaces.
When we analyze the CPU usage, there is a special process called "HL3U bkgrd proce" always have the most CPU use, but we do not know what concerns. We do not know if it is caused because there are PBRs configured. It should not matter. How I mentioned, there are other sites working fine and have had always the same PBR number.
What is causing the high usage?. Is there a special debug we could to perform to diagnose the issue?. Also, we have seen a high interrupt CPU usage (9% in this case).
bog-sib-INT-rtr-1#show processes cpu sorted 5sec CPU utilization for five seconds: 30%/9%; one minute: 25%; five minutes: 23% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
Region : Romania Model : TL-WR841ND Hardware Version : Firmware Version : 3.13.27 Build 121101 Rel.38183n ISP : cosmote
hardware version is WR841N v8.wireless works just fine. i use it for my smartphone and an old laptop. i use ethernet cable to connect to main computer where all is ok until i start using my bit torrent client. as soon as i build up traffic above 1MB the ethernet portion of the router freezes and needs a reboot. when frozen, wireless is still working and i still have access on the lan to the router via my browser. i got this router so i could have wifi for my phone. my old router (asus rx3041) worked just fine and i accessed my isp at the maximum speeds it would allow on a 60 gigabit connection.
I'm thinking of purchasing a Cisco Linksys EA6500. I need a router that can one monitor bandwidth used by device. Keep exceeding our ISP's network bandwidth allocation, need to identify the devices that are causing this high usage and be able to do so from the router. Does the EA6500's standard software support this, is their router software one can obtain for the unit that does this or is there another home router option that can perform this function?
Region : UnitedKingdom Model : TD-W8951ND Hardware Version : V5 Firmware Version : 22.05.2012 ISP :
I have a TD-W8951ND v5 on the latest firmware.
I recently broke my broadband data cap which surprised me as I had not been using the internet much.
I only have tablet which I switched off having first checked the router to make sure there were no other wireless connections and adding MAC address filtering to be sure no one else was stealing my bandwidth. With just my router connected to the ISP, my ISP has recorded 170MB of downloaded data in 3.5 hours. Switching off the router stops the traffic being recorded (as you would expect), but when switched back on the large data transfers start up again.
I have plugged in an older router (not wireless) and no traffic is generated, so it seems to be the TP-Link router rather than my ISP or ADSL circuit that is at fault.
Today I've received reports of slow internet access/activity and have noticed myself that it seems a bit slow today. On the dashboard of our asa 5510 the "outside interface" traffic usage is running constantly high. It's at the top of the graph. How can I tell what is causing the spike in utilization. It usually runs at about 1500-2000 Kbps, and now it's up over 10,000.
With regarding to the firewall ASA5520, i'm using it in my network, all the confiuration are properly configured and working but with the use of proxy address in internet explorer(e.:206.53.155.129/3128) all the blocked contents as easily accessible simply it bypass all the network through firewall.so will u guide me to block the proxy servers.