I have a flat network, 3 switches, a 4006 uplinked to both a 6509 and another 4006. My problem is that the cpu utilization is over 50% on the 4006. I have only one vlan, and everyone is in it, I know multiple vlans would help, but management is agenst it. I also have EXTREMELY high broadcast traffic from just about all workstations, from what I have read, this could cause the high cpu... but what I don't know is what woulod cause all ports to have a high broadcast traffic .. most are at 97%. Can anyone PLEASE help me understand this???? I am brand new to this company, and the consultant who set the network up, and who still comes around says it was never this high before, but I have my doubts.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
high cpu and high broadcast traffic problem
- Thread starter 126rjp
- Start date
If your are using a Windows network... Make sure you are running WINS and DNS, and it's properly configured. This can cause high broadcasts if not configured or misconfigured.
Check to see if your DHCP scope leases are short as well.
Also, with a 6509 and two 4006's you have plenty of horsepower to run vlans. Why does managment not want to do this?
Check to see if your DHCP scope leases are short as well.
Also, with a 6509 and two 4006's you have plenty of horsepower to run vlans. Why does managment not want to do this?
- Thread starter
- #3
Thanks for the help Baddos,
I wish I knew why they don't want them, I have suggested more then once, but they are against it.
The dhcp scope is set low only 3days... I will look into DNS and WINS.. do you know of anything I should specifically look for?
I wish I knew why they don't want them, I have suggested more then once, but they are against it.
The dhcp scope is set low only 3days... I will look into DNS and WINS.. do you know of anything I should specifically look for?
If you are running a flat 1 vlan network , whenever someone has to arp , this is a broadcast every single port on all switches will see , whenever a mac address times out , typically 5 minutes in the cam table , they have to be arped again and everyone will see the broadcast , multiple that by how many people you happen to have on this subnet , as far as the 4000 cpu it's not that high , even with hardly anyone attached these the cpu on these will run 25-30% . Are you trunking or running spanning tree ? If so then manually prune off every single vlan except the one you are using , this will bring down the cpu as this is one of the main functions of the cpu , you should be able to see what the highest processes are . Most switching is done in hardware so the CPU has very little to do with the cpu utilization on the 4006 . Also if I am not mistaken you are able to limit broadcasts on the 4006 on per port basis . Also one of the first things you should be looking for is what clients may have viruses , a virus like Nachi will be all broadcasts as this tries to go to many different addresses and the first thing it will do is arp for every address , I would check here first . Even with flat network this is small enough where it should not be a problem .
Also see if you can run one single protocol. TCP/IP should be the only protocol you are using unless you have old legacy apps that need another protocol. If you don't have any of those, make sure your computers and print servers have the unneccessary protocols turned off.
- Thread starter
- #6
Thanks for the help vipergg and baddos,
I removed all protocols except ip form most of the workstations, my cpu utilization is 60 - 70%, I moved sc0 from vlan10,(which has all devices in it), to vlan1, and the cpu dropped to 40%. I still have large amounts of broadcast traffic, but the cpu has gone down. I no longer can access the switch from telnet, but at least the cp has gone down. could this be because I moved sc0 into a different vlan?
I removed all protocols except ip form most of the workstations, my cpu utilization is 60 - 70%, I moved sc0 from vlan10,(which has all devices in it), to vlan1, and the cpu dropped to 40%. I still have large amounts of broadcast traffic, but the cpu has gone down. I no longer can access the switch from telnet, but at least the cp has gone down. could this be because I moved sc0 into a different vlan?
sc0 is mainly management and should be on it's own VLAN (or Management VLAN). Personally I would place sc0 to VLAN 2 or another, since by default all ports are assigned VLAN 1, you have placed your management interface in a vulnerable VLAN. Keeping sc0 in it's own VLAN is probably why you gained some CPU performance. I don't understand why managment won't listen to their resident experts. Breaking up every department/division into their own VLAN would greatly reduce broadcast traffic by keeping it within it's own VLAN while dramically improving performance. sc0 configured with a default gateway address should give you TELNET. Why are they wasting money on heavy equipment if they are going to only use them as a smart hub. As for vipergg's comment, you can't prune what you don't have. Since everyone is in the same VLAN there is no VTP prunning to be done. If your 4006's have RSM's you have alot of potential for an extreamly effecient network, your just not using what you have.
SpudNuts(ITC), USN(Ret), CCNA, BSCI, BCRAN, CST
SpudNuts(ITC), USN(Ret), CCNA, BSCI, BCRAN, CST
- Status
Similar threads
