{"id":627,"date":"2012-01-03T17:22:36","date_gmt":"2012-01-03T17:22:36","guid":{"rendered":"https:\/\/fir3netwp.gmsrrpobkbd.com\/2012\/01\/03\/high-cpu-usage-on-a-cisco-css\/"},"modified":"2021-07-24T18:21:52","modified_gmt":"2021-07-24T18:21:52","slug":"high-cpu-usage-on-a-cisco-css","status":"publish","type":"post","link":"https:\/\/www.fir3net.com\/Loadbalancers\/Cisco\/high-cpu-usage-on-a-cisco-css.html","title":{"rendered":"High CPU Usage on a Cisco CSS"},"content":{"rendered":"
The Cisco CSS is showing a high level of CPU usage, even though the networking throughput does not appear excessively high nor is there a large number of EQL or DQL`s configured.<\/p>\n
CSS11501# sh system-resources cpu
Chassis CPU Utilizations
Module Name Module 5Sec 1Min 5Min
—————————————————-
CSS501-SCM-INT 1 90% 88% 75%
CSS501-SSL-C-INT 2 0% 0% 0%<\/p>\n
Though there can be a number of causes to high CPU, within this article we look at the CPU resource consumption being due to the flow table.
Due to a high level of connections transversing the CSS the LoadBalancer uses CPU resource to build the subsequent flows within the flow table.<\/p>\n
This can be confirmed using the following command and viewing the hit counters :<\/p>\n
CSS11501# sh flow-state-table
Flow-Disable Timeout: 5<\/p>\n
Port Protocol NAT-State Flow-State Hit-Count
————————————————————
53 TCP ——— flow-enable 6228 *
53 UDP ——— flow-enable 6399259 *
67 TCP ——— flow-disable 20 *
67 UDP nat-disable flow-disable 0 *
68 TCP ——— flow-disable 103 *
68 UDP nat-disable flow-disable 0 *
137 TCP ——— flow-disable 19 *
137 UDP nat-disable flow-disable 112690 *
138 TCP ——— flow-disable 71 *
138 UDP nat-disable flow-disable 0 *
161 TCP ——— flow-disable 13 *
161 UDP nat-disable flow-disable 164570 *
162 TCP ——— flow-disable 35 *
162 UDP nat-disable flow-disable 0 *
520 UDP nat-disable flow-disable 0 *
5060 UDP ——— flow-enable 88 *
8089 UDP nat-disable flow-disable 12 *<\/p>\n
In this instance we could see a large increase in the DNS hit counters, based on this the flow state was disabled for UDP\/53, and the CPU utilization returned to an acceptable level.<\/p>\n
flow-state 53 udp flow-disable nat-enable<\/p>\n","protected":false},"excerpt":{"rendered":"
Issue The Cisco CSS is showing a high level of CPU usage, even though the networking throughput does not appear excessively high nor is there a large number of EQL or DQL`s configured. CSS11501# sh system-resources cpu Chassis CPU Utilizations Module Name Module 5Sec 1Min 5Min —————————————————- CSS501-SCM-INT 1 90% 88% 75% CSS501-SSL-C-INT 2 0% … Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[45],"tags":[],"yoast_head":"\n