Junos OS

Hi Guys, 

I recently encounter issue on my EX4200 running on JUNOS 13.2X51-D30.4 . The switch EX4200 experiece a high cpu load and I think it causing packet loss (verified by running ping {ip} repeat 500 via Cisco). 

As I check, 

#show chassis routing-engine
Routing Engine status:
CPU utilization: 

User: 20 percent
Background :  0 percent
Kernel:  26 percent
Interrupt:  2 percent
Idle:  53 percent

I issued show system processes extensive and I found sdif using a lot of CPU resources. 

#show system processes extensive
last pid: 6734; load averages: 0.78, 0.70, 0.67 up 3+16:34:08 00:23:17
118 processes: 5 running, 92 sleeping, 1 zombie, 20 waiting

Mem: 352M Active, 62M Inact, 82M Wired, 144M Cache, 110M Buf, 340M Free
Swap:

1025 root 2 44 -52 71184K 17444K select 25.0H 32.52% sfid

Can you tell me what is cuasing this? and how do I fix the issue? What other items I need to check that coiside with sfid ?

Hope you can shed a light/

Thanks

Hello,

SFID is Software Forwarding Daemon. It is responsible control protocol packets processing & punting to RE including STP/ARP/IGMP/LACP/LLDP/VRRP/BFD/you name it.

Please check:

1/ if Your switch is operating close to or at the scale limits, i.e. for EX4200:

- 16K ARP entries

- 300 ARP/sec learn rate per PFE

- 32K learned MAC addresses

etc

2/ whether You are using aggressive protocol timers:

- if You are using BFD, timers less than 500msec are not recommended for EX4200

- if You are using Ethernet OAM, timers less than 100ms are not recommended for EX4200

HTH

Thanks

Alex

Hi aarseniev, 

Sorry that I am fairly new to Junos, Can you possible give me which command, I need and how to ajust settings, etc. 

Thanks

Btw , we are using BGP facing ISP, which ISP advertising a lot of route/ ip blocks. 

# show route | count
Count: 9551 lines

#> show ethernet-switching statistics mac-learning
Learning stats: 20 learn msg rcvd, 0 error, 9 forced update

#> show arp 

Total entries: 82

Hello,

---

@wizzkid888 wrote:

Btw , we are using BGP facing ISP, which ISP advertising a lot of route/ ip blocks. 

 

# show route | count
Count: 9551 lines

 

---

This is not route count but lines count in the printout. Please post "show route summary" printout.

Also, is Your EX facing the raw internet? If yes does it have filter for control plane protection? Is EX being brute-forced via SSH, telnet or Jweb?

HTH

Thanks
Alex

Hi Alex, 

I dont think the EX is being brute force? I experience this before and it shows on log messages right? currently, nothing odd on log except my login/ logout via ssh. and i dont see anything on sh system alarm.

Your EX facing the raw internet? If yes does it have filter for control plane protection?

-- I have to check with ISP, but the BGP my router in is not actually internet, its IX. 

Here's the route summery, sorry that I have to remove the AS number and IP. 

#> show route summary 

Autonomous system number: xxxxxxx
Router ID: x.x.x.x.

inet.0: 3179 destinations, 3179 routes (3178 active, 0 holddown, 1 hidden)
Direct: 3 routes, 3 active
Local: 3 routes, 3 active
BGP: 3172 routes, 3171 active
IGMP: 1 routes, 1 active

*** on EX4200, what is the maximum/ acceptable routes? 

Also, I noticed that the packet loss on the switch only happen between 6:00PM to 1:00AM, beyond this time, there's no packet loss. 

1. previously the switch is runnng on Firmware 10, CPU hover around 37% PL started 6:00PM  and end 1:00AM

2. I upgrade the fireware to 13.2X51-D30.4, its uses more CPU resources, and now hovers around 49% PL started 6:00PM  and end 1:00AM, beyond this time, say in 10AM, CPU hovers around 38% but there's no Packet loss. 

Thanks,