Network connectivity or latency reported with high CPU due to icmp redirects

  • High CPU with the Switch Packet Processing Task 
  • Network latency
  • Slow ping response to/from servers
  • Application connection timeouts across router
  • S-series
  • N-series
  • Routing
  • ICMP redirects 
  • Traffic is getting redirected from the router interface
  • Client ignores icmp redirect instruction
  • ICMP redirect traffic is soft-forwarded and rate limited on the S-series
  • To see icmp redirect packets being sent from router to traffic source to identify this condition, take a wireshark packet capture
Switch counters diagnostic procedure:
  1. config-> debug packet show-statistics <view cumulative stats>
  2. config -> debug packet clear-statistics <Clear these counters>
  3. allow time interval. ex: 10 seconds, 30 seconds - followed by
  4. config -> debug counters show-statistics
S-Series(su-config)->debug packet show-statistics

                 Global Router Statistics - last cleared 12s ago
                      (repeat command to refresh counters)
   type                                              count     hi-count-blade
                                 Packet Counts
   Total Packets in:                                    670                  2
   IPv4 Packets in:                                     670                  2
   Non-Unicast Packets in:                           1                   2
    /clipped output/
    Redirected:                                          367                   2

Disable ICMP redirects on the associated interface. 

Config example:
S-Series(su-config)->int vlan.0.1
S-Series(su-config-intf-vlan.0.1)->no ip redirects
