Hi all,
I see high CPU caused by mcsnoopd on one of our switches:
user@switch> show system processes extensive | no-more
last pid: 92838; load averages: 1.40, 1.65, 1.70 up 1192+05:09:40 14:09:15
135 processes: 5 running, 110 sleeping, 20 waiting
Mem: 347M Active, 69M Inact, 74M Wired, 64M Cache, 110M Buf, 426M Free
Swap:
PID USERNAME THR PRI NICE SIZE RES STATE TIME WCPU COMMAND
1152 root 1 131 0 7976K 4312K RUN 47.0H 63.87% mcsnoopd
1106 root 2 8 -88 70808K 17552K nanslp 586.0H 28.27% sfid
1108 root 1 8 0 85512K 30632K nanslp 1175.8 1.12% pfem
11 root 1 171 52 0K 16K RUN ??? 0.00% idle
I think to remember that IPv6 mc is punted to CPU, so I configured the following Filter:
set interfaces lo0 unit 0 family inet6 filter input re-protect-inet6
set firewall family inet6 filter re-protect-inet6 term deny-all then count inet6-to-be-denied
set firewall family inet6 filter re-protect-inet6 term deny-all then discard
and now things are looking much better:
user@switch> show system processes extensive | no-more
last pid: 93234; load averages: 0.20, 0.06, 0.18 up 1192+05:53:25 14:53:00
135 processes: 6 running, 109 sleeping, 20 waiting
Mem: 347M Active, 69M Inact, 75M Wired, 64M Cache, 110M Buf, 426M Free
Swap:
PID USERNAME THR PRI NICE SIZE RES STATE TIME WCPU COMMAND
11 root 1 171 52 0K 16K RUN ??? 94.97% idle
1108 root 1 96 0 85512K 30876K RUN 1175.8 0.93% pfem
1106 root 2 44 -52 70808K 17552K select 586.0H 0.05% sfid
1105 root 1 4 0 17592K 10992K kqread 503.0H 0.00% chassism
Question:
1) Does it still true that IPv6 multicast traffic is punted to CPU on EX4200 with newer Junos versions (I'm currently still using 12.1)?
2) Any other way to prevent high cpu in this case (besides disabling igmp snooping completely)?
Thx,
Stefan