Reset Search
 

 

Article

High CPU on S-Series - SNMP

« Go Back

Information

 
TitleHigh CPU on S-Series - SNMP
Symptoms
  • show system utilization displays SNMP using a high % of CPU
  • debug of UDP port 161 show unauthorized NMP polling switch
create an ACL (that is used by the Debug Packet Filter tool, it is NOT applied to any interface, so it will not cause interruptions).

1. Enter router config mode: 
S4 Chassis(su)->router 
S4 Chassis(su-router)->config t 

2. Create ACL to be used by the Debug Packet Filter tool
"show ip interface breif" to get a list of VLAN IPs.
S4 Chassis(su-router-config)->ip access-list extended gtacdebug 
S4 Chassis(su-router-cfg-ext-acl-gtacdebug)->permit udp any host <vlan1 IP> eq 161 
S4 Chassis(su-router-cfg-ext-acl-gtacdebug)->permit tcp any host <vlan2 IP> eq 161 
S4 Chassis(su-router-cfg-ext-acl-gtacdebug)->permit tcp any host <vlan2 IP> eq 161 
S4 Chassis(su-router-cfg-ext-acl-gtacdebug)->permit tcp any host <vlanN IP> eq 161 

(repeat this for all interfaces on the S-Series)

3. Exit out of ACL and set output settings for Debug Packet Filter tool: 
S4 Chassis(su-router-cfg-ext-acl-gtacdebug)->exit 
S4 Chassis(su-router-config)->debug packet control verbose 
S4 Chassis(su-router-config)->debug packet control limit 1000 

4. Configure the Debug Packet Filter tool to use the ACL, and execute the tool: 
S4 Chassis(su-router-config)->debug packet filter access-list gtacdebug 
S4 Chassis(su-router-config)->debug packet restart 

5. Wait 5 minutes, exit out of router->config, then dump the logging buffer output, log it to file: 
S4 Chassis(su-router-config)->exit 
S4 Chassis(su-router)->exit 
S4 Chassis(su)->show logging buffer 
Environment
S-Series
Cause
Unauthorized NMS polling
Resolution
Stop unauthorized NMS polling
Additional notes
In the "show logging buffer" output, you will see Debug Packet output. It will contain both the
Source and Destination IP. Below is an example of the Debug Packet output.


<165>Oct 23 10:41:08 0.0.0.0 DbgIpPkt[1][167934],  RECEIVE:   ingress on port ge.1.103, vr global, vlan.0.1, Matched ipv4 acl gtacdebug, rule[1:permit udp any host 10.208.64.1 eq 161],   FATE:      Forwarding discontinued, cause: SENT_TO_HOST, Discard this pkt, flow allowed,  PKT-ORIG:  InPort(ge.1.103) LEN(102) DA(D8:84:66:88:97:16) SA(00:0C:29:38:1E:71) C-TAG(8100:0001) ETYPE(0800) SIP(10.208.74.2) DIP(10.208.64.1) VER(4) HLEN(5) TOTALLEN(80) PROTO(17) TOS(0) TTL(64) UDP_DST(161) UDP_SRC(58200)
  .
<165>Oct 23 10:41:08 0.0.0.0 DbgIpPkt[1][167935],  RECEIVE:   ingress on port ge.1.103, vr global, vlan.0.1, Matched ipv4 acl gtacdebug, rule[1:permit udp any host 10.208.64.1 eq 161],  FATE:      Forwarding discontinued, cause: SENT_TO_HOST, Discard this pkt, flow allowed,  PKT-ORIG:  InPort(ge.1.103) LEN(102) DA(D8:84:66:88:97:16) SA(00:0C:29:38:1E:71) C-TAG(8100:0001)ETYPE(0800) SIP(10.208.74.2) DIP(10.208.64.1) VER(4) HLEN(5) TOTALLEN(80) PROTO(17) TOS(0) TTL(64) UDP_DST(161) UDP_SRC(49622)

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255