Cisco WAN :: 2811 - Allocate CPU To Certain Processes?
Apr 23, 2013
Is there a way to allocate CPU or memory resources to specific processes - similar to a QoS-style configuration where you can prioritize the processes being handled by the CPU? We have a 2811 router whose CPU periodically spikes to 100% utilization. At these times, all of our EIGRP neighbor adjacencies bounce - either a peer goodbye is received or the hold time expires.
Our thinking is that we could possibly tell the router to prioritize the EIGRP process with the CPU so that routing is maintained, even though we realize other processes (like qos or ISAKMP for our tunnels) may suffer.
View 2 Replies
ADVERTISEMENT
Sep 24, 2012
I have a 2811 Router that is experiencing high CPU utilization. I have already issued the "show cpu proc" command, and everything seems to be fine (it's not a process issue) . According to our traffic graphs, we've seen that CPU is related to high link utilization, since we have 2 Fast Ethernet interfaces (Internet 4 MB and MPLS 6 MB), and when those interfaces have to deal with a lot of traffic at some hours, the CPU Load increases in the Router.
I found an article where they say that 2811 ISR Routers can deal with up to 61,44 Mbps (120.000 pps), but our router is far away from reaching that limit.It usually manages up to 16 MBPS. This router manages some services such as NAT traslation, ACLs, voice traslation profiles, policy routing (QoS), firewall and DHCP.
What can be happening to the router?.. Is it normal that when it has to process a lot of traffic, its cpu must increase up to 95%, even if it is handling just 16 MB compared to the theorical 61 MB? Is there any command or tool that I could use to troubleshoot this issue? Is there any limit in terms of WAN traffic that it could handle? How much influence do those services have over CPU Utilization?
Given these incidents, which router series could suit better in my network to avoid high CPU issues?
View 11 Replies
View Related
Aug 27, 2012
I am seeing an increasing number of processes on our Solaris based Ciscoworks server. The parent and the zombie processes are the following:
root@cw:/usr/ucb# ./ps -alxwww | grep 26915
0 101 14737 26915 0 0 0 0 Z 0:00 <defunct>
0 101 15986 26915 0 0 0 0 Z 0:00 <defunct>
0 101 16052 26915 0 0 0 0 Z 0:00 <defunct>
0 101 16065 26915 0 0 0 0 Z 0:00 <defunct>
0 101 16161 26915 0 0 0 0 Z 0:00 <defunct>
[code]....
This isn't the first time this happens, the last time I restarted the server and the problem disappeared for a while.
View 5 Replies
View Related
May 16, 2012
I am unable to kill EPMServer processes after shutting down LMS 4.2 on Solaris 10. There are still 60 or so EPMServer processes running. Killing them manually does not work as they appear to restart again after killing. Only way to knock them off is to reboot the system. Why does dmgtd stop not kill all LMS processes and is there a patch required for LMS 4.2 or Solaris 10 that would work?
View 5 Replies
View Related
Jul 12, 2012
There are some unknonw issues with ciscoworks LMS 3.2 on a solaris server. Many important processes like [code] and many others (around 40 processes were in shutdown state).When I try to start the processes from the Console window by "Managing processes" option, they still remain down with the same status.I tried to stop and then start the daemon manager, with the below commands: [code] After this, when I run command to check processes status (attached for your reference), I can still see those processes down.
View 4 Replies
View Related
Dec 10, 2012
Yesterday I had a installation of LMS4.2.2 who was working fine. I followed the procedure to install VMware Tools on the virtual appliance on this thread url...
Now I have a problem with the processes of LMS, but maybe it is not linked. I forget to do a snapshot before installing VMware Tools so I need to find a solution. A whole bunch of services do not start know. I tried to uninstall the VMware tools, to regenerate SSL certificate, I rebooted the server several times. It is running under VMware 5.1. [code]
View 5 Replies
View Related
Aug 7, 2011
i'd like to monitor the OSPF process of my MPLS routers by SNMP. I created templates for
ospfIfEvents
ospfNbrEvents
ospfSpfRuns
ospfNbrState
ospfAreaLsaCount
but when i configure the poller i believe the data i mixed up somehow. I for example i don't get all neighbor in the ospfNbrState. i tried with snmp context configuration but i am not sure if this right what i did.
View 1 Replies
View Related
May 30, 2012
I have a problem with ME-3600x running two ospf processes. Proc1 is WAN and PRoc2 is LAN. I am redistributing routes into both directions. After a WAN outage , certain wan routes did not get redistributed into the LAN process. I had to do a clear ip route to fix the problem. Has anynoe seen such a scenario with ME-3600x or any other switch/router
View 8 Replies
View Related
Jan 7, 2013
I am having a bit of trouble with my internet. Whenever I start up a video game like ArmA, CoD, BF3, GMod, ect. My internet crashes. I also ran game booster and it crashed my internet. [code]
View 3 Replies
View Related
May 9, 2011
I got a 40gb monthly broadband plan at home and there are 4 of us using the broadband..since i work long hours i hardly use internet but other flatmates sometime finishes the broadband 10days before the new cycle starts..so i was wondering if there is a way i can put a limit that every one get to use 10gb.
View 3 Replies
View Related
Jun 7, 2011
We saw this syslog on ASA5585 with version 8.4(1). I have two HA firewall pairs (contains 4 ASA5585, active/standby), and I saw this message on the standby ones.
Jun 7 07:36:26 10.99.96.32 last message repeated 4 times
Jun 7 07:36:26 10.99.96.32 :Jun 07 07:36:26 HKST: %ASA-ha-3-210005: LU allocate connection failed
[Code]....
View 4 Replies
View Related
Nov 3, 2012
How to allocate bandwidth for a certain host or service in Cisco ASA 5510 Firewall using ASDM? For instance, I would like to dedicate 2MB for H323 service (Video Conference Call).
View 1 Replies
View Related
Feb 17, 2013
Customer is running ASA 5550 with software 8.2.5 version.
They continously get the below messages
%ASA-3-210005: LU allocate connection failed
%ASA-3-210007: LU allocate xlate failed
I have already searched in the forums and also BUG toolkit, These issue has either been resolved in prior relases or in 8.4 .x train. I didnt find any bug which says that it has been found in 8.2.5 release.
I have also run "show conn count" and "show xlate count" I see these is difference in count output.
From Standby
COGINBLRMBPB1INTF1# show conn count
6097 in use, 17220 most used
COGINBLRMBPB1INTF1# sh xlate count
[Code].....
View 2 Replies
View Related
Nov 19, 2012
would like to know how a bandwidth gets distributed in switches.for example consider a scenariowhere i have a coreswitch A and coreswitch B connected between each other througha a 1Giga Fiber, now each of my core switche are connected to two edge switches through fiber links. all edge switches have giga ports. now if i connect a pc with giga link in th edge switch of coreswitch A and tansfer a file to a PC connnected to the edge switch in network B.. how much bandwidth would i get?how does the switch allocate bandwidth?
View 8 Replies
View Related
Jun 28, 2012
I have a WAG310G router which I have connected wirelessly to my PS3. When no one else is using the internet my connection is fine. However, when someone else does come on the internet my PS3 lags so bad that I can barely play it. I was wondering is there a way to allocate the bandwidth so that my PS3 gets more of it?
View 2 Replies
View Related
Nov 10, 2011
My WRVS4400N, V2.0.2.1CPU:STAR 9202.Doesn't allocate IP address on DHCP for anything but the Open SSID. All others, WEP, WPA, WPA2, nothing.I tried different clients, Intel Centrino wifi, Cisco, AG-CB21 same results.The config is std, I tried one VLAN for ALL SSID, I tried different VLANS, same.
View 0 Replies
View Related
Oct 10, 2011
we have two ASA 5520, on the failover unit is showing LU allocate xlate failed. We read on [URL] that it could be a memory problem , but have cheked it and we have 85% of memory free on both nodes. We also can see all xlate on failover unit.
We have forced failover this evenig and we can´t stablish outbound connexions by outside interface, we think xlates or nat cant work properly.
View 5 Replies
View Related
Jul 29, 2011
Recently i had a requirement for implementing a Qos on one of my Mpls link which is of 2Mbps, the requirement was to allocate a bandwidth of 512kbps for each connect that comes in and 512 kbps for out going, and it is in ASA 5510 firewall.
So i have done the configuration successfully, now the issue is, the bandwidth is limited to 512kbps only for all the connection,how many may be the connections, it working below 512kbps,
But my requriemt was for the first connection, it should allocate 512kbps , and for the second another 512kbps so on.its not happening, the bandwith got struckup at 512kbps , all the connection are sharing this bandwidth only.
View 1 Replies
View Related
Sep 13, 2011
I got an asa5510. After problems with ipsec connections the log said :
LU allocate xlate failed this error repeats every minute. At the cisco site i found the following :
explantion : stateful failover failed to allocate a translation (xlate) slot record recommended Action : check the available memory by using the show memory command to make sure that the security appliance had free memory in the system. If no memory is available, add more memory
But when i do there is free memory. (about 54%)
What can i do to fix this ?
View 2 Replies
View Related
Mar 24, 2010
We just had an issue with our failover unit reloading. In perusing the logs there were a number of %ASA-3-210007:
LU allocate x late failed, errors prior to the reload. These units had just had their OS upgraded to fix a DOS issue a few weeks ago. I have not seen the error since it reloaded. However, I was asked to report the issue just in case it is a bug in the new version of the OS.Two units in failover.
Cisco Adaptive Security Appliance Software Version 8.0(5)9 Device Manager Version 6.0(2). Compiled on Mon 01-Feb-10 10:36 by buildersSystem image file is
"disk0:/asa805-9-k8.bin"Config file at boot was "startup-config"
CP-ASA up 17 days 21 hoursfailover cluster up 17 days 22 hours
[code]....
View 1 Replies
View Related
Jan 21, 2012
I'd like to use an SG200 swicth to allocate bandwidth on a 100 Mbps fiber Internet uplink.I will have 5 routers (each supporting a separate network) connected to the SG200, and I'd like to give each network 20 Mbps. QOS configuration, best CIR and CBS settings for this.
View 1 Replies
View Related
Oct 9, 2012
I am currently getting a strange error when trying to use and crypto services on our ASA 5520 (8.0.3)Initially I observed that a connected VPN had dropped.Then when I attempted to use ASDM or SSH I was blocked.
In the end I opened telnet as a test and this was successful. Syslog also shows that traffic is passing as normal.The only obvious error I can see when observing various debug traces is this;
FW02# CTM: rsa session with no priority allocated @ 0xCF1FBBA0
CTM: Session 0xCF1FBBA0 uses a nlite (Nitrox Lite) as its hardware engine
CTM: rsa context allocated for session 0xCF1FBBA0
CTM: rsa session with no priority allocated @ 0xCE7A5EA8
[code]....
View 5 Replies
View Related
May 2, 2012
I'm trying to configure a VPN between a Check Point firewall (UTM-1, running R75.10) and a 2921 router (15.0(1r)M9).Here's the relevant config (names and external IP addresses only modified - using 1.1.1.1 for Check Point and 2.2.2.2 for Cisco):
================================================
## vpn phase 2 access list (also used for route map)access-list 2699 permit ip 192.168.209.16 0.0.0.15 192.168.51.128 0.0.0.127
## nat route maproute-map R1 permit 2699match ip address 2699
## phase 1 detailscrypto isakmp policy 10encr aes 256authentication pre-sharegroup 2lifetime 86400
## pskcrypto isakmp key ............... address 1.1.1.1 no-xauth
## phase 2 transform setcrypto ipsec transform-set AES-256 esp-aes 256 esp-sha-hmac
## phase 2 detailscrypto map VPN 2699 ipsec-isakmp set peer 1.1.1.1set pfs group2set transform-set AES-256set security-association lifetime seconds 3600match address 2699
## nat definitionsip nat inside source static 10.231.70.250 192.168.209.17 route-map R1 reversibleip nat inside source static 10.231.10.1 192.168.209.18 route-map R1 reversibleip nat inside source static 10.231.10.10 192.168.209.19 route-map R1 reversible
================================================
Phase 1 appears to complete without issue, however at phase two it fails with "Fail to allocate ip address" (full debug attached). Everything I've read suggests that this issue relates to client based VPN, where the Cisco router cannot assign other related attributes to the requesting client (DNS server etc.) but obviously that isn't relevant in this case. Why the router might think it's a client connection and how to stop it?
While I'm troubleshooting this issue currently with a Check Point VPN we've noticed the issue appear on other VPNs (to Cisco 880 routers), and the problem seems to solve itself (which obviously doesn't useful in finding the cause of the problem!).
View 4 Replies
View Related
Sep 19, 2012
My setup is ISP-2811-PIX 515E-LAN. Right now, I am doing a PAT for IPSEC tunnels to terminate on the PIX. Do you recommend I use the 2811 instead of PIX for VPN or keep things the way it is? Trying to determine the best box to use.
View 4 Replies
View Related
May 27, 2013
I need to know which IOS should I download for my 2811 router to get all ip sla features
Router(config)# ip sla ?
<1-2147483> Entry Number
auto
enable
Note this is from my 2951 router.
I need full features like this in my 2811 router.so which IOS should I download.
View 3 Replies
View Related
Feb 29, 2012
I want to upgrade LMS 3.2 to 4.1. But when I look to "Special Notes and Exceptions for Devices Supported" document ,It seems that 2811 have 2 SysID.
Why there are two IDs for the same hardware and under which ID will my 2811 routers be classified into inventory database. This information is important since customer want to have support of 2811 in CiscoView of LMS 4.1 (around 200 devices).
View 3 Replies
View Related
Aug 23, 2012
Looking to implement CoPP in our 2811 ISR. We currently have the base 256mb of DRAM in there. Will this bring our router to its knees? I've priced a RAM upgrade.
View 0 Replies
View Related
Mar 19, 2012
i have a branch router that connects to mpls WAN. Also has a second interface that is used for dmvpn failover in case WAN goes down.We want to use this second interface also as the primary internet circuit for the branch. I changed the default route to the next hop address on the other side of the second interface and expected this to work.But i was told i need to set up NAT for this to work, and set up an ACL for NAT to use. how to set up NAT?
View 1 Replies
View Related
Nov 2, 2011
I have BGP router 2811. Want to configure BGP on it with two ISPs. How can i configure it?
View 1 Replies
View Related
Nov 8, 2011
I want to configure BGP but i am finding it very difficult to know BGP as I am new to this concept.
What is theoretical and practical approach to configure bgp??
I have to configure my office router 2811 for two ISPs which will be acting as fail-over.
I have to start it from scratch.
View 5 Replies
View Related
Feb 14, 2013
I have a 2811 that I can remotely VPN to using Cisco VPN client however I cannot see the internal admin network (10.35.5.0).
Current configuration : 4845 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
[code].....
View 2 Replies
View Related
Sep 23, 2012
I have a particular site that is causing me trouble, this site is connected in a back to back configuration using 2811 at CO and 2621XM at CPE. The CO end is also the CO for 3 other sites so has a total of 4 wics installed (WIC-1SHDSL-v2), these other sites also have 2621XMs for the CPE.
The problem i am getting is when one site in particular transfers large files to/from client machines, the CPU on the 2811 jumps to 99%:
CPU utilization for five seconds: 99%/98%; one minute: 26%;
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
11 12881868 37249378 345 0.49% 0.50% 0.51% 0 ARP Input
54 8548592 30375358 281 0.40% 0.45% 0.41% 0 XDSL BACKGROUND
[Code]......
View 2 Replies
View Related
Apr 20, 2013
We have a cisco 2811 router with 2 ADSL interfaces. One dialer interface is used for internet and another dialer interface is used for VPN.
The dialer interface that is used for internet purpose is "Dialer 1" and the VPN is "Dialer 2".
The route looks like this: ip route 0.0.0.0 0.0.0.0 dialer 1
Basically, I am able to the ping the external IP address associated with the Dialer 1 interface, however, I cannot ping the external IP address associated with Dialer 2.
View 5 Replies
View Related
