Router CPU usage is too high how to do?

If you are experiencing the above problems, please refer to the following workaround

One, show process CPU such as display IP input process is using a lot of CPU, check the following

(1) Can not be fast switched package has: Switching cache no Entry package, destination is a router package, the need for protocol conversion package, made Policy Routing package, X.25 encapsulation package, Multilink PPP, compressed, and encrypted package destinations are router packages.

(2) Fast switching

Whether it is disabled on a large flow outgoing interface. You can view the interface traffic with the show interfaces switching command. Then re-enable fast switching on the interface. Remember fast Switching is configured on the output interface.

(3) Fast switching on the same interface is disabled. If an interface is equipped with multiple network segments (secondary addresses) and the traffic between these segments is very large, the router works in process-switches mode. To enable IP on the interface in this case Route-cache Same-interface.

Second, with show interfaces and show interfaces switching command to identify a large number of packets in and out of the port;

Once you are sure to enter the port, open the IP accounting on the outgoing interface to see its features. If it is an attack, the source address will change but the destination address is unchanged. You can use Access list to temporarily resolve such problems ( Preferably on a device close to the source of the attack, the final solution is to stop the attack source.

(1) The router is configured with IP NAT (network address translation) and has many DNS (Domain Name System) packets traversing router. UDP or TCP packets with the source and/or destination port (DNS) are always punted to process level by NAT.

(2) Routers are over-used unable to process amount of traffic, can use load among other routers or consider purchasing high-end router.

(3) Packages packaged through X.25 because of the flow control on the second Open System interconnection (OSI) layer.7.compressed traffic. If there is no compression S Ervice Adapter (CSA) in the router, compressed packets must is process-switched.8.encrypted traffic. If there is no encryption Service Adapter (ESA) in the router, encrypted packets must is process-switched.

(4) A large number of user Datagram Protocol (UDP) traffic. Can be solved with the steps of solving spoof attack.

(5) A large number of broadcast packets. Check the number of broadcast packets in the show interfaces command output.

(6) A large number of multicast streams across routers. Can enable fast switching of multicast packets using the IP Mroute-cache Interface configuration command (fast switching of Multicast packets is off by default).

(7) Need to Policy Routing package. Before Cisco IOS version 11.3, policy-routed packets could not be fast switched. IOS version 11.3 allows policy-routed packets to be fast switched. Use the interface command IP route-cache policy.