Cisco ACL and HIGH CPU due to IP INPUT

Posted on April 11, 2008. Filed under: Uncategorized |

High CPU – IP Input on Cisco Router [PART II]

As written in Part I Cisco High CPU due to IP Input :

PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
47 22949526882139777808 1072 21.11% 26.99% 29.53% 0 IP Input

And everything has been checked on the list detail explained.
One more thing today I found : ACL rows + log.
The more rows more CPU resources.
It’s going to raise more if you have log applied at the end of acl row.

I’ve been minimizing and simplifizing my ACL.
It’s getting more and more space on CPU resources available that would give a more stable performance of your gear.

My suggestions :

– Remove the log sufix if it’s not realy needed.
– Replace deny ip host/network with null route (static).

That’s all

rgs.
a. rahman isnaini r.sutan

Make a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Liked it here?
Why not try sites on the blogroll...

%d bloggers like this: