[157677] in North American Network Operators' Group
Re: Cisco 6509 SUP32 SNMP Meltdown With CatOS
daemon@ATHENA.MIT.EDU (Jeff Gehlbach)
Fri Nov 2 17:13:06 2012
Date: Fri, 02 Nov 2012 17:12:26 -0400
From: Jeff Gehlbach <jeffg@opennms.org>
To: Nick Hilliard <nick@foobar.org>
In-Reply-To: <50943291.1050701@foobar.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 11/02/2012 04:52 PM, Nick Hilliard wrote:
> E.g. a fully loaded 6509 with 384 ports would take ~3000 queries every
> several minutes to perform full port diagnostic polling, and you'd want to
> be doing this every couple of seconds to cause serious CPU impact. Are you
> doing something like full DFZ or MAC table polling?
I bet you're close toward the end there. My guess is he's carrying a
large BGP feed and querying the ipRouteTable. The caveat below is for
IOS 12.4(20)T but equivalent issues surely exist for CatOS:
http://www.cisco.com/en/US/docs/ios/12_4t/release/notes/124TCAVS3.html#wp2057950
The killer in this case is not the SNMP traffic or anything resulting
directly from it, but the CPU overhead from constantly re-sorting the
ipRouteTable since that's generated from the FIB when CEF is enabled.
Workaround is to disable CEF (heh) or configure a MIB view that excludes
the ipRouteTable. This one bites an OpenNMS support customer a few
times a year -- happened again just today, in fact, at a shop that just
enabled topology discovery.
> Also, you may want to consider moving away from CatOS, as it's now
> basically abandonware (or at least will formally be in Jan 2013), and
> hasn't even seen maintenance updates in the last 4 years.
What you said :)
-jeff
