USL Task? C5 Switches

  • 0
  • 1
  • Question
  • Updated 1 year ago
  • Answered
We are chasing high system utilization rates at our central location.  When the CPU rate is low (between 5-15%) there is no TID named USL Task.  When CPU runs high (between 94-98%) there is a TID named USL Tack running between 50-80%.

We have found many errors, loops, rogue APs, even a hub!  After finding each of these our rmon stats broadcast/multicast numbers dropped and out CPU numbers came down to 5-15%.  USL Task would go away.  Check an hour later and the USL Task is back, churning up 50-75%, and CPU is hovering in the mid 90s.  When it peggs at 100% things get really ugly since this is the main egress from the entire school district.

What is USL Task and what can I learn from it?
Photo of Joshua Beddingfield

Joshua Beddingfield

  • 280 Points 250 badge 2x thumb

Posted 1 year ago

  • 0
  • 1
Photo of Jeremy

Jeremy, Embassador

  • 9,788 Points 5k badge 2x thumb
Photo of Jeremy

Jeremy, Embassador

  • 9,788 Points 5k badge 2x thumb
Do you have STP enabled?  If you do, on the edge port, enable adminedge

so you would

set spantree adminedge ge.1.1-47 true
set spantree spangaurd enable 

Don't put adminedge on the non-edge ports.  It will disable the port if it receives a BPDU.
Photo of Joshua Beddingfield

Joshua Beddingfield

  • 280 Points 250 badge 2x thumb
Spantree is enabled.  Adminedge "should" be set on all non-edge ports.  show spantree debug no longer shows any spantree issues.  No adminedge ports are blocked.  Only one loop has triggered spantree to this point.

We found a hub because of the number of collisions in rmon stats for that port (spantree wont pick up a hub - no bpdu's).  This helped.  A few days later CPU was pegged again and we found a loop in another switch in the subnet.  Two of us have been combing through the 6 closets (with about 2-3 switches each) at this location for the past few days.

If USL Task is an indicator of a loop, we will keep looking for loops.
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 13,220 Points 10k badge 2x thumb
Hi Joshua,

you can try broadcast limiters to limit the effect of loops and help in finding them (look for ports with high broadcast numbers).
set port broadcast <PORT_STRING> <THRESHOLD_VALUE>
But this might not be enough to completely mitigate a loop, see Port Broadcast Suppression does not help prevent network congestion on SecureStack during loop or flood.

You can limit flooded multicast and unknown unicast frames using the flood-ctrl feature set.

Erik