Ivan Rostovikov Posted September 23, 2009 Posted September 23, 2009 Вот такое наблюдаю в моменты наименьшей нагрузки. Когда нагрузка максимальная - до 80-90 % и это при суммарном трафике примерно несколько гигабит. Всего. Spanning Tree не использую. #show proc cpu s CPU utilization for five seconds: 22%/4%; one minute: 24%; five minutes: 22% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 132 61039810 28442057 2146 11.18% 11.76% 11.27% 0 Spanning Tree 125 2993982 21765827 137 0.63% 0.61% 0.58% 0 IP Input 199 1169 1102 1060 0.47% 0.36% 0.19% 3 Virtual Exec 27 81941 8082 10138 0.31% 0.02% 0.00% 0 Per-minute Jobs 110 661502 571732 1157 0.31% 0.11% 0.10% 0 HRPC qos request 17 1425075 3831900 371 0.15% 0.31% 0.35% 0 ARP Input Как диагностировать проблему ? Вставить ник Quote
UglyAdmin Posted September 23, 2009 Posted September 23, 2009 Spanning Tree не использую.Ну так отключи его нах... no spanning-tree vlan 1-4094 Вставить ник Quote
Ivan Rostovikov Posted September 23, 2009 Author Posted September 23, 2009 (edited) В том то и дело, что отключено... #show run | inc no spannno spanning-tree optimize bpdu transmission no spanning-tree vlan 1-4000 version 12.2no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! no logging on ! no aaa new-model clock timezone MSK 3 clock summer-time MSK recurring last Sun Mar 2:00 last Sun Oct 3:00 switch 1 provision ws-c3750-24ts switch 2 provision ws-c3750g-24ts-1u switch 3 provision ws-c3750g-12s ip subnet-zero ip routing ! ip domain-list ssss.ru ip domain-name ssss.ru ip name-server 123.123.123.123 ip cef load-sharing algorithm universal 6B2BC346 ! shutdown vlan 299 ! no file verify auto ! mac access-list extended BLOCK deny host 0080.482a.0285 any permit any any no errdisable detect cause gbic-invalid errdisable recovery cause udld errdisable recovery cause bpduguard errdisable recovery cause security-violation errdisable recovery cause channel-misconfig errdisable recovery cause pagp-flap errdisable recovery cause dtp-flap errdisable recovery cause link-flap errdisable recovery cause gbic-invalid errdisable recovery cause l2ptguard errdisable recovery cause psecure-violation errdisable recovery cause dhcp-rate-limit errdisable recovery cause unicast-flood errdisable recovery cause vmps errdisable recovery cause storm-control errdisable recovery cause arp-inspection errdisable recovery cause loopback errdisable recovery interval 60 port-channel load-balance dst-mac ! spanning-tree mode pvst no spanning-tree optimize bpdu transmission spanning-tree extend system-id no spanning-tree vlan 1-4000 ! ! ! vlan internal allocation policy ascending ! ! interface Port-channel1 switchport trunk encapsulation dot1q switchport trunk allowed vlan 10,14,43,139,200-205 switchport mode trunk ! interface Port-channel2 switchport trunk encapsulation dot1q switchport mode trunk speed nonegotiate ! interface Port-channel3 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,47,48,138,200-205 switchport mode trunk speed nonegotiate ! interface FastEthernet1/0/1 switchport trunk encapsulation dot1q switchport mode trunk duplex full speed 100 no mdix auto ! interface FastEthernet1/0/2 switchport access vlan 139 switchport mode access speed 100 ! interface FastEthernet1/0/3 switchport access vlan 202 switchport trunk encapsulation dot1q switchport trunk allowed vlan 11,14,43,200-205 switchport mode access ! interface FastEthernet1/0/4 switchport access vlan 202 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,43,200-2005 switchport mode trunk ! interface FastEthernet1/0/5 switchport access vlan 202 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,43,200-205 switchport mode trunk ! interface FastEthernet1/0/6 switchport access vlan 200 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,43,200-205 switchport mode access switchport port-security maximum 100 ! interface FastEthernet1/0/7 switchport access vlan 203 switchport trunk encapsulation dot1q switchport trunk allowed vlan 9,14,200-205 switchport mode trunk ! interface FastEthernet1/0/8 switchport access vlan 128 switchport trunk encapsulation dot1q switchport mode access ! interface FastEthernet1/0/9 switchport access vlan 200 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,43,200-205 switchport mode access speed 100 ! interface FastEthernet1/0/10 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,43,200-205 switchport port-security violation protect duplex full speed 100 ! interface FastEthernet1/0/11 switchport trunk encapsulation dot1q switchport mode trunk no mdix auto ! interface FastEthernet1/0/12 switchport trunk encapsulation dot1q switchport mode access ! interface FastEthernet1/0/13 switchport access vlan 200 switchport trunk encapsulation dot1q switchport mode access no mdix auto ! interface FastEthernet1/0/14 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,200-205 switchport mode trunk ! interface FastEthernet1/0/15 switchport trunk encapsulation dot1q switchport mode trunk no mdix auto ! interface FastEthernet1/0/16 description newbridge switchport mode access no mdix auto ! interface FastEthernet1/0/17 switchport access vlan 138 switchport trunk encapsulation dot1q switchport mode access duplex full speed 100 ! interface FastEthernet1/0/18 switchport access vlan 105 switchport trunk encapsulation dot1q switchport mode trunk no mdix auto ! interface FastEthernet1/0/19 switchport access vlan 43 switchport trunk encapsulation dot1q switchport mode access ! interface FastEthernet1/0/20 description asterisk switchport mode access ! interface FastEthernet1/0/21 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet1/0/22 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet1/0/23 switchport access vlan 43 switchport trunk encapsulation dot1q switchport mode access no mdix auto ! interface FastEthernet1/0/24 switchport access vlan 17 switchport mode access switchport voice vlan 43 spanning-tree portfast ! interface GigabitEthernet1/0/1 switchport trunk encapsulation dot1q switchport trunk allowed vlan 10,14,43,139,200-205 switchport mode trunk channel-group 1 mode passive ! interface GigabitEthernet1/0/2 switchport trunk encapsulation dot1q switchport trunk allowed vlan 10,14,43,139,200-205 switchport mode trunk channel-group 1 mode passive ! interface GigabitEthernet2/0/1 switchport mode access duplex full speed 1000 ! interface GigabitEthernet2/0/2 switchport trunk encapsulation dot1q switchport mode access ! interface GigabitEthernet2/0/3 switchport access vlan 14 switchport trunk encapsulation dot1q switchport mode access ! interface GigabitEthernet2/0/4 switchport trunk encapsulation dot1q switchport trunk allowed vlan 200-207 switchport mode trunk duplex full speed 1000 ! interface GigabitEthernet2/0/5 switchport trunk encapsulation dot1q switchport trunk allowed vlan 200-205 switchport mode access ! interface GigabitEthernet2/0/6 switchport mode access duplex full speed 1000 ! interface GigabitEthernet2/0/7 switchport trunk encapsulation dot1q switchport trunk allowed vlan 10,14,200-205 switchport mode trunk duplex full speed 1000 ! interface GigabitEthernet2/0/8 switchport trunk encapsulation dot1q switchport trunk allowed vlan 200-207 switchport mode trunk duplex full speed 1000 ! interface GigabitEthernet2/0/9 switchport trunk encapsulation dot1q switchport trunk allowed vlan 200-207 switchport mode trunk duplex full speed 1000 ! interface GigabitEthernet2/0/10 switchport mode access ! interface GigabitEthernet2/0/11 switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,10,11,14,15,19,43,103,115,126,135,200-207 switchport mode trunk ! interface GigabitEthernet2/0/12 switchport trunk encapsulation dot1q switchport trunk allowed vlan 200-207 switchport mode trunk ! interface GigabitEthernet2/0/13 switchport trunk encapsulation dot1q switchport trunk allowed vlan 200-205 switchport mode trunk ! interface GigabitEthernet2/0/14 switchport trunk encapsulation dot1q switchport trunk allowed vlan 200-207 switchport mode trunk ! interface GigabitEthernet2/0/15 switchport mode access ! interface GigabitEthernet2/0/16 switchport access vlan 14 switchport mode access ! interface GigabitEthernet2/0/17 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,43,132,200-205 switchport mode trunk duplex full speed 1000 ! interface GigabitEthernet2/0/18 ! interface GigabitEthernet2/0/19 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet2/0/20 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet2/0/21 switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,14,17,43,124,200-205 switchport mode trunk ! interface GigabitEthernet2/0/22 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet2/0/23 no switchport ip address 195.2.238.114 255.255.255.252 ! interface GigabitEthernet2/0/24 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet2/0/25 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,47,48,138,200-205 switchport mode trunk speed nonegotiate channel-group 3 mode passive ! interface GigabitEthernet2/0/26 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,47,48,138,200-205 switchport mode trunk speed nonegotiate channel-group 3 mode passive ! interface GigabitEthernet2/0/27 switchport trunk encapsulation dot1q switchport mode trunk speed nonegotiate ! interface GigabitEthernet2/0/28 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,47,48,138,200-205 switchport mode trunk ! interface GigabitEthernet3/0/1 switchport trunk encapsulation dot1q switchport mode trunk speed nonegotiate channel-group 2 mode desirable ! interface GigabitEthernet3/0/2 switchport trunk encapsulation dot1q switchport mode trunk speed nonegotiate channel-group 2 mode desirable ! interface GigabitEthernet3/0/3 switchport trunk encapsulation dot1q switchport mode trunk speed nonegotiate channel-group 2 mode desirable ! interface GigabitEthernet3/0/4 switchport trunk encapsulation dot1q switchport mode trunk ! interface GigabitEthernet3/0/5 ! interface GigabitEthernet3/0/6 ! interface GigabitEthernet3/0/7 ! interface GigabitEthernet3/0/8 ! interface GigabitEthernet3/0/9 ! interface GigabitEthernet3/0/10 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,200-205 switchport mode trunk ! interface GigabitEthernet3/0/11 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,200-205 switchport mode trunk ! interface GigabitEthernet3/0/12 switchport trunk encapsulation dot1q switchport trunk allowed vlan 14,200-205 switchport mode trunk ! interface Vlan1 ... ... ... interface Vlan299 ip address 192.168.1.2 255.255.255.0 shutdown ! router rip version 2 timers basic 30 60 60 120 redistribute connected redistribute static passive-interface default network 123.123.123.123 no auto-summary ! ip classless ip route 0.0.0.0 0.0.0.0 123.123.123.3123 ip route 10.0.0.0 255.0.0.0 Null0 100 ip route 10.111.111.0 255.255.255.0 195.2.238.10 ... ... ... no ip http server ! ! ! ! access-list 10 permit 10.0.10.6 access-list 10 permit 10.0.0.2 access-list 10 permit 10.130.0.26 ... ... ... access-list 199 remark anti-0080.482a.0285 arp 10.130.0.2 0080.4819.9fcd ARPA arp 10.0.130.6 0001.a801.b25f ARPA arp 10.1.3.153 0000.0000.0000 ARPA arp 10.130.0.54 0000.0000.0000 ARPA ! control-plane ! ! line con 0 access-class 10 in login local line vty 0 4 session-timeout 60 access-class 10 in login local line vty 5 14 access-class 10 in login local line vty 15 password nhfqntr login ! ! monitor session 1 source interface Fa1/0/12 monitor session 1 source interface Gi2/0/2 , Gi2/0/23 monitor session 1 destination interface Gi2/0/18 monitor session 2 source interface Gi2/0/23 monitor session 2 destination interface Gi2/0/13 ntp clock-period 36029175 ntp server 123.123.123.123 end Edited September 23, 2009 by Ivan Rostovikov Вставить ник Quote
ingress Posted September 23, 2009 Posted September 23, 2009 sh ver sh sdm prefer многа раз потыкать: sh controllers cpu-interface | inc stp посмотреть, быстро ли счётчики увеличиваются. Вставить ник Quote
dsk Posted September 23, 2009 Posted September 23, 2009 Недавно было точно такое, и точно на 3750-м, ищите в сети проблемы, скорее всего в каком-то сегменте срет тупой свич. Вставить ник Quote
t0ly Posted September 24, 2009 Posted September 24, 2009 шо приплыли? теперь и циски из за срущих тупых свичей сума сходят? Вставить ник Quote
dsk Posted September 24, 2009 Posted September 24, 2009 Сходят от большого количества броадкастов, которые плодят срущие свичи. Вставить ник Quote
UglyAdmin Posted September 25, 2009 Posted September 25, 2009 Так ограничить броадкасты/мультикасты, чтобы не сходили. storm-control broadcast level 1.0 Вставить ник Quote
.png.5d2afa2996cc6a85d0f2c09b92dd0a28.png)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.