Methods for identifying a network loop or identifying the port experiencing reflection behavior.
1) Enable logging for moved mac addresses to assist debug
2) After identifying the high CPU blade
- set movedaddrtrap enable
- set movedaddrtrap <port-string> enable (more ports are generally better)
- this will print moved MAC addresses to the log
- use: show logging buffer to access the information
3) Using Netsight Compass search for duplicate L2 address entries
- disable half the ports.
- Check the CPU.
- If no change, re-enable the ports
- disable the other ports on the blade.
- If the CPU responds positively, enable half of these ports, then half the remaining ports.
- Using this method rule out all ports except those causing negative impact.
4) Issue the command "show rmon history interval 5min wide" during high switch packet processing to determine which ports have high throughput in the "Util" column
5) Once a flow is learned there is no impact to cpu from traffic forwarded. However, the act of learning and tearing down flows does take cpu time. If there are thousands of flows being learned and aged very quickly on a port these could look like a constant number of flows on first inspection. To get an idea of whether there is flow churn you could use the command below This will repeat the command 10X with 0 seconds between repeating , so repeating continuously. You should see whether a current number of flows on one port fluctuates by 1000s up and down. If so it is likely causing cpu issues due to constant thrashing of flows.
Loop 10 0 -r
Show flow stat