Cisco Campus Network Design Basics

Hello Sonti

High CPU usage on a Cisco switch can be caused by several factors including:

  1. Large MAC address table - The MAC address table takes up memory, and if it gets too large, it can use excessive amounts of memory. This will typically indicate a MAC flooding attack where a large number of spoofed MAC addresses are sent to the switch causing the MAC address table to overflow. Use the show mac address-table command to
  2. Excessive logging - Check to see if you have any ACL logging or debugs set up, and check what the size of the local logging buffer is. If it is too large, you may be overflowing the memory.
  3. Malware or DDoS attacks - These may also cause high memory usage. In this case you should use network security tools to identify and block malicious traffic. One quick and dirty solution is to implement ACLs that will allow only acceptable traffic.
  4. Routing tables - If your switch is a Layer 3 switch, a very large routing table will also cause high memory usage.
  5. Large ARP tables - ARP tables are another construct that switches use, and if these get too large, this is another source of high memory usage. Unusually large ARP tables may be a result of APR spoofing attacks and should be investigated.

These are just some of the causes of high memory usage and are by no means exhaustive. However, to resolve such issues, you must monitor the memory usage on the switch. This can be done by using certain CLI commands that show the status of the memory and how it is being utilized.

  • Check Memory Statistics:
    • Use the show memory command to display detailed statistics about memory usage.
    • Use the show processes memory command to display memory usage for each process
    • Use the show processes memory sorted command to display the memory usage of all processes, sorted by the amount of memory used.running on the switch.
  • Check Buffer Statistics:
    • Use the show buffers command to display buffer statistics. Buffers are used by the switch to temporarily store data packets.
  • Check I/O Memory:
    • Use the show memory io command to display the I/O memory statistics.

These are just some of the commands that can get you started in troubleshooting high memory usage on a Cisco switch.

I hope this has been helpful!

Laz