Cisco WAN :: 7204VXR NPE-G1 - 100% CPU With OC3 Module?
Aug 23, 2012
i bought new RF Cisco 7204VXR NPE-G1. As soon i enable OC3 module ( PA-POS-OC3SMI) CPU of the router shoot to 100%, and if i reboot the router, it wont comeback not even on Console. I had to remove the POS card and then boot router and then hot insert the module.
so i put the command
int pos 4/0
loopback internal
as soon igave this command, CPU dropped down to normal. Whats the deal here? now i need to activate the circuit on this POS interface, but as soon i remove loopback internal command , CPU shoots to 100% Although CPU sorted dont show any process causing it.
I'm running (C7200P-ADVENTERPRISEK9-M), Version 12.4(24)T4, RELEASE SOFTWARE (fc2) on a Cisco 7204VXR (NPE-G2). Currently, the router has about 200 VLANs configured on dot1q subinterfaces.
Now, the router hangs everytime we try to add a new Vlan.
Why my OC3 interface is showing increasing output drops its starts happening as soon traffic exceed 60Mbps ( FYI my traffic never exceeded 75Mbps MAX, and circuit is 150Mbps from carrier , full OC3)
Below are few stats as starter. IOS i am using is c7200p-is-mz.122-31.SB10.bin
sh int pos1/1 POS1/1 is up, line protocol is up Hardware is Packet over Sonet
what I have are 2 x 7204VXR (Gateways), 1 x 4507R-E (Coreswitch), and our ISP have 7609.Got some issues with redundancy with our ISP.
7609 I I I I 7204-A 7204-B | | | vrrp | | | -4507R-E- | | internal network
Both outside interfaces of 7204 gateways are connecting to 7609 with different public ip block.I used VRRP for my internal nework and failover have been tested working.Even tried to remove link of 7204-A and 7609, the failover works perfect.But somehow we're facing a problem:
- If I shutdown/ remove the link between my 4507R-E and 7204-A (primary gw_higher vrrp priority), vrrp redundancy/failover still works but internal network's internet connection goes down.
I asked our ISP and the route commands they put in their 7609 are as of follows: ip route 3.8.8.0 255.255.255.0 3.4.4.4 name TO CUSTOMER LINK 1 ip route 3.8.8.0 255.255.255.0 3.3.3.3 2 name TO CUSTOMER LINK 2
And if they're trying to use Reliable Static Routing Backup Using Object Tracking, the internal network's internet connections is intermittent....alternate 4 ping reply and 4 timeout.
When the router boots up, the boot loader keeps telling me it does not recognize the card and wait until it fully boots to see the revision on the card, but I can not see the revision on the card because it is unrecognized.
What boot loader I need to get the 7204 to recognize the card?
Cisco Internetwork Operating System SoftwareIOS (tm) 7200 Software (C7200-JS-M), Version 12.3(26), RELEASE SOFTWARE (fc2)Technical Support: [URL]Copyright (c) 1986-2008 by cisco Systems, Inc.Compiled Mon 17-Mar-08 19:27 by dchih
I am seeing packets being ignored on GigabitEthernet0/0, but can't find any reason what the reason can be for that. So far calculated that about 3% of the traffic is being ignored. If it was caused by shortage of input buffers, I would expect to see increasing counters somewhere at no_buffer, but that is not the case. The average txload and rxload on the router is low all times.
#sh int g0/0GigabitEthernet0/0 is up, line protocol is up Hardware is i82543 (Livengood), address is 0012.7f8a.8008 (bia 0012.7f8a.8008) Description: ;Link to NORISMP998 G5/2 Internet address is 151.175.19.102/30 MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 2/255, rxload 2/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 1000Mb/s, link type is autonegotiation, media type is SX output flow-control is XON, input flow-control is XON ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:00, output hang never Last clearing of "show interface" counters 8w2d Input queue: 0/75/522186/1117 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 11667000 bits/sec, 2319 packets/sec 5 minute output rate 9377000
I want to get the result of the following command with snmp. Is This possible?
The command is "show extended channel 2/0 csna oper". I need to know, if the status is "closed" or "setupcomplete". Can I catch these values with snmp?
I did a snmpwalk but can´t find any lines with these values. Is there a specific IOS version necessary?The hardware is a Cisco 7204VXR with IOS 12.1(5)T10 and microcode xcpa28-1
I'm having trouble connecting to my IPS module via ASDM and web browser after configuring an IP address for the IPS module via CLI.The 5510's management port is plugged into our switch, and a VLAN is assigned at the switchport. I gave the IPS module an IP address in the same subnet (DG as well) as the 5510's management port, assuming the IPS module would communicate over the 5510's management port. Is this not right? I'm limited to the CLI for now, and would really like to access the IPS module through the ASDM.
I want to add module of WS-X6716-10GE(-3C). The type of 6500 isCisco WS-c6509-e (r7000) processor (revision 1.2).Can I add this module to this type of 6500?Do I need to reset the 6500 in order to the 6500 receive the module?
I have the situation with my new Cisco 2951 router. It has only one module on board - SM-D-ES3-48-P. I don't know what is wrong but I can't see any information about this module. When I connect my laptop to any port it's become green, but it's still green even after I disconnect PC from this port. Sh ip int brief command shows only built-in gigabit interfaces. I also connect my second PC to the router by console to monitor any changes when I connect or disconnect laptop to the module's ports. [code]
Will Cisco LMS Prime 4.1 be getting a map module, so you are able to see a graphical map of up and down status of devices? I know the topology map is a module within LMS, but what would be nice to see is a graphical map, where you are able to manipulate the icons to place them on that status map.
I have cluster of firewalls which inclueds AIP module and are in production. Due to some issue modules could not be activated. Now I need to activate and udate signature of them. So whether I can do all this activity without effecting my production (Zero downtime).
I know to add a user in the service engine is (config)#user Aileen create but how would you remove it. I tried no before user to negate the command but i do #sh users and the username is still listed.
I have a Hwic 3G-GSM module in an 1841 router. The sim card in the module is configured on an APN no username and password. I have checked all the config from a working router 1841 plus the same module and same vendor Sim card on the APN and all is working. I have configured the second router but it doesn't want to connect at all. If i put the Sim card in a standard 3G modem life is good, and I can connect to the APN and get the static IP address. When I'm trying to initiate the connection from the 1841 the Sim card wont connect.
My config to debug:
sh ip int brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 10.20.20.1 YES NVRAM up up FastEthernet0/1 unassigned YES NVRAM up up Cellular0/1/0 unassigned YES NVRAM up up NVI0 10.20.20.1 YES unset up up
[ code] ...........
I'm not sure if the cellular card is calling the wrong script (d0efault-d0ials0crip) instead of the gsm one configured.
I have Cisco ASA 5510 with CSC-SSM-10. ASA anti-virus service can not update the Base and Plus lisense. No Activation Code required for renewal. I go to "Administration> Product License" in the CSC SSM console and click "Check Status Online" to get the latest expiration date.In the module on the Check Status Online has reported the following error when: Base License status could not be checked because of a license server failure. "Please try again later", "Plus License status could not be checked because of a license server failure. Please try again later". UPDATE manual virus database can be seen in the latest available version, can not be upgraded because the service expired.
if the 7600-SIP-200 supported in VSS mode or not ?
I have configured to Cisco Catalyst 6513 as VSS, both of them have the 7600-SIP-200 module, before converting them to VSS I was able to work with the 7600-SIP-200 module, but after I did convert them to VSS, both modules didn't work.
here is the show module output, after VSS conversion:
VSS1#show module Mod Ports Card Type Model Serial No.--- ----- -------------------------------------- ------------------ ----------- 1 0 4-subslot SPA Interface Processor-200 7600-SIP-200 JAE14500GMT 7 5 Supervisor Engine 720 10GE
For some test in my lab , I ordered on e-bay a AIM-VPN board , they guy told me that it work in a C1841.When I compare to the one I have in my C2621 , they look equal.On both pcb I can read : CN6I280AAA
We have installed 5585-x in active/active mode with transparent firewall. We have created two virtual sersors for vs1 and vs2 in IPS module and linked with ASA context C1(vs1), C2(vs2) and admin(vs0).
As firewall is working in transparent mode, we have bridge IP address for context C1 10.1.1.1 and for context C2 10.2.2.1.
I have added default routed for context C1 10.1.1.2 .It is in the outside of asa and SVI on switch.For the other context C2 10.2.2.2.
IP address range for the IPS module and what should be the gateway for IPS module.AS the traffic is coming from outside and going to inside interface of ASA.
I have checked on Cisco.com and as per a module support document for ISR's G2, the NM-1CE1TI-PRI module is not supported on new ISR's. Grateful if more clarification could be obtained about the above.
Will be router not detect the module when inserted in the chassis?
RouterModelIOSModuleR1Cisco 3945 Integrated Service Routerc3900-universalk9-mz.SPA.151-1.T.binNME-AIR-WLC12-K9 R2Cisco 3945 Integrated Service Routerc3900-universalk9-mz.SPA.151-4.M1.binNME-AIR-WLC25-K9
The issue that we are experimenting is that, although the module's interfaces are up and HSRP in correctly configured, the show standby summary displays that the Active router is local in both routers. We also have some GigabitEthernet in the routers and they are correctly running HSRP. Does the WLC Modules physically support HSRP?
I have 2611xm router with 2 fastethernet ports. Now I want to install NM-1FX-TX module. I just want to conform that does 2611 supports NM-1FX-TX module. I am using this device for lab purpose. I am using latest IOS"
I recently installed the license ACE-SSL-05K-K9 on ACE10 with multicontext solution.The license provides 5000 Maximum number of SSL transactions per second (TPS).The customer would like to track this to find out the correct size and in the case of services https upgrade licenses.Can I do it so through particular output or it's necessary monitoring with snmp service? In the second case, can you tell me the oid string to use?
In case the module should receive a higher number of connections to that provided by the license, what's the issue for new https connections?
i just configured GRE over IPSEC on my Cisco 3745 router with VPN module installed. As soon i hit 25Mbps traffic, my CPU is touching 80%.
What maximum Traffic 3745 with GRE over IPSEC it can support?
Also show process CPU sorted dont show any evidence of which process eating it up.
sh processes cpu sorted CPU utilization for five seconds: 75%/75%; one minute: 77%; five minutes: 78% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
I have a couple of ASA 5510 firewalls configured and working. I'm now charged with configuring the IPS modules. I'm having to do this remotely. Since the IPS module hasn't been configured I'm guessing it's on 192.168.1.2 with the default username/password.
I'm told that the workstation I access from connects through a switch to the ASA and to the IPS.
I've set the ASA management port to 192.168.1.1. I can't ping 192.168.1.2 - not sure I'm supposed to be able to. In the ASDM, Configure IPS prompts for an IP address. Entering 192.168.1.2 returns "IP address of the management port is unreachable".
