CPU Congestion

  • 0
  • 1
  • Question
  • Updated 6 months ago
  • Answered
Hi all,

From time to time and randomly on my network some stacked switches become unresponsive and very sluggish, my monitoring software shows that those stacks are down and if i ping them i have a RTT of about 5000ms.
 
When i log onto to the stack and run the cmd "debug hal show congestion" it shows congestion on all slots. to identify the type of traffic that is congestioning the CPU i run the cmd "show l2stats vlan [vlan]" several times to see which counter is incrementing and i see that the broadcast and multicast are the ones to blame. 

I am wondering if anyone has experienced this problem to and how did you troubleshoot it?
Photo of GONÇALO NUNO CONTENTE PIMENTEL DA SILVA REIS

Posted 6 months ago

  • 0
  • 1
Photo of David Coglianese

David Coglianese, Embassador

  • 5,944 Points 5k badge 2x thumb
Have we ruled out a loop? Are you running ELRP?

We have seen this caused by MDNS on a customers network. Fortunately in their case they were not using the MDNS so we were able to block that and things improved.
Hi, I have to rule out loop because the switch has only one uplink, also if there was a loop I should see mac flapping, which I dont.
Photo of Brad Parker

Brad Parker, Technical Support Engineer

  • 3,266 Points 3k badge 2x thumb
Hello,

If you run a "show igmp snooping cache" Do you see a lot of ports reporting on the following addresses?
224.0.0.251 (bonjour/MDNS)
239.255.255.250 (SSDP)
239.255.255.253 (SLP)
224.0.0.252 (LLMNR)

If so, we may need to block some of that traffic, if it isn't being used.

Vi block_mdns.pol

entry slp {

if {

destination-address 239.255.255.253/32;

} then {

deny;

count slp;

}

}

 

entry bonjour-mdns {

if {

destination-address 224.0.0.251/32;

} then {

deny;

count bonjour-mdns;

}

}

entry llmnr {

if {

destination-address 224.0.0.252/32;

} then {

count llmnr;

deny;

}

}

entry ssdp {

if {

destination-address 239.255.255.250/32;

} then {

count ssdp;

deny;

}

}


:wq to exit

apply to the edge ports on ingress to prevent the packets from even coming into the network at all.


Thanks
Brad
(Edited)