Solved

High CPU on Cisco 2960 caused by process HLFM address learning

Posted on 2016-09-21
5
41 Views
Last Modified: 2016-10-12
Hi
    I have been checking a switch for high CPU Util, below is the output of the processes.  I added bpduguard to all the access ports which were missing looked like a BPDU flood,  this did not fix the issue.  It is a Cisco C2960. Any ideas guys on the fix.  I rebooted the switch it cleared the process, is there anything else I can do other than rebooting the switch in the furure ?

CPU utilization for five seconds: 90%/0%; one minute: 88%; five minutes: 85%
 PID Runtime(ms)   Invoked      uSecs   5Sec   1Min   5Min TTY Process
  64  1027439852 588315945       1746 58.12% 62.86% 59.45%   0 HLFM address lea
 187   274811181  37798433       7270 14.01% 12.62% 12.41%   0 Inline Power
 123     4662298  23761507        196  5.25%  0.42%  0.08%   0 Auth Manager
 108  1581934791 450359134       3512  4.13%  4.02%  4.41%   0 Hulc LED Process
0
Comment
Question by:Mohammed Shakoor
  • 2
  • 2
5 Comments
 
LVL 26

Expert Comment

by:Predrag Jovic
Comment Utility
It could be Cisco bug (there were problems with CPU spikes and memory leaks in some IOS versions), so it can be IOS version dependent. You can try to upgrade or downgrade IOS version.
What is output from
# sh version
0
 

Author Comment

by:Mohammed Shakoor
Comment Utility
Thanks Predrag, below is the Sh ver output.

UKSWLINC001#sh vers
Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(50)SE5, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Tue 28-Sep-10 13:44 by prod_rel_team
Image text-base: 0x00003000, data-base: 0x01400000

ROM: Bootstrap program is C2960 boot loader
BOOTLDR: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(46r)SE2, RELEASE SOFTWARE (fc1)

UKSWLINC001 uptime is 5 hours, 24 minutes
System returned to ROM by power-on
System restarted at 10:47:12 UTC Wed Sep 21 2016
System image file is "flash:/c2960-lanbasek9-mz.122-50.SE5/c2960-lanbasek9-mz.122-50.SE5.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco WS-C2960-48PST-L (PowerPC405) processor (revision F0) with 65536K bytes of memory.
Processor board ID FOC1516W2DF
Last reset from power-on
3 Virtual Ethernet interfaces
48 FastEthernet interfaces
4 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

64K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address       : 88:F0:77:86:97:80
Motherboard assembly number     : 73-11882-10
Power supply part number        : 341-0266-03
Motherboard serial number       : FOC151524M4
Power supply serial number      : LIT15080WA2
Model revision number           : F0
Motherboard revision number     : A0
Model number                    : WS-C2960-48PST-L
System serial number            : FOC1516W2DF
Top Assembly Part Number        : 800-30874-05
Top Assembly Revision Number    : A0
Version ID                      : V04
CLEI Code Number                : CMMD410ARA
Hardware Board Revision Number  : 0x01


Switch Ports Model              SW Version            SW Image
------ ----- -----              ----------            ----------
*    1 52    WS-C2960-48PST-L   12.2(50)SE5           C2960-LANBASEK9-M
0
 
LVL 26

Accepted Solution

by:
Predrag Jovic earned 250 total points (awarded by participants)
Comment Utility
You can paste sanitized configuration, if some configuration problem can be noticed.
Recommended version for your device is  IOS 12.2.55-SE11
You can find list of bugs that were "cured" and possible workarond in Resolved Caveats section.
This does not mean that your problem is listed on link, but upgrade can solve many issues.
0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 250 total points (awarded by participants)
Comment Utility
This was fixed in 12.2.55-SE5
1
 
LVL 45

Expert Comment

by:Craig Beck
Comment Utility
Best answer chosen
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now