Guest

Preview Tool

Cisco Bug: CSCup34525 - High CPU due to ACL SW Forwarding instead of Log/ICMP unreachable queue

Last Modified

Jan 28, 2017

Products (1)

  • Cisco Catalyst 4000 Series Switches

Known Affected Releases

15.0(2.0.0)

Description (partial)

Symptom:
Whenever the log option ACE is configured ? all the subsequent ACEs which has DENY action and for which ICMP unreachable needs to be generated. Thus  the packets are going to CPU on the "ACL SW Forwarding Queue" instead of "Log/ICMP unreachable queue", and CPU usage is increased too high..

Packets Received by Packet Queue
Queue                  Total           5 sec avg 1 min avg 5 min avg 1 hour avg
---------------------- --------------- --------- --------- --------- ----------
--snipped--
ACL sw processing               793316       823       787       580        118
 
Packets Dropped by Packet Queue
Queue                  Total           5 sec avg 1 min avg 5 min avg 1 hour avg
---------------------- --------------- --------- --------- --------- ----------
ACL sw processing              8546131     10134      9897      7028       1290 <<<<<
 
13 ACL log, unreach   1A5AEC28          0  200  200    0    5         0         0
14 ACL sw processing  1A5AEFA0     800422   98  100    0    5   8636498         0 <<<<<
15 MTU Fail/Invalid   1A5AF0D8          0  102  102    0    5         0         0

Conditions:
Version: 15.0(2)SG8
Whenever the log option ACE is configured
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.