High CPU load for switches GS1900-24E

Yuri_S
Yuri_S Posts: 9
First Anniversary Friend Collector First Comment
edited August 2022 in Switch
Good day.
I' m newbie in Zyxel products and switch configuring. Hope that answer on my question is near, but I can' t find it without help.

So, I have to identical switches GS1900-24E, they has fresh firmware - V2.40(AAHK.1)_20180705 | 07/05/2018

My problem is that both switches permanently has high CPU load about 100%



Also web-interface works very slowly.
There are no any VoIP used in network, no custom VLANs, no loops and errors in syslog


only unclear, that often ports go in "down" mode for few seconds and than return in "up"  mode.
Also I trued ti connect by SSH to investigate issue deeper, but also have no luck with unclear error.


Both switch are in production mode.

Can anybody describe me what is reason of this high CPU load and I can fix this issue?

Best regards.

To moderators.
Dear friends, this is my first topic in given forum. If I made mistake and wrongly selected place with given topic, please do not remove it, just move to right place. I really need help to fix given issue.
Thanks



«1

All Replies

  • Zyxel_JonasTan
    Zyxel_JonasTan Posts: 94  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Hi @Yuri_S,

    Welcome to Zyxel Community!
    Based on your description, I assume that there is a loop in your network environment.
    Please help to verify if the "Loop Guard" feature is enabled, because if the feature is disable. In the monitor page for loop guard will not display if there is a loop occur in the environment.

    Steps:
    1. Access GS1900-24E via web.
    2. This page is to activate the loop guard feature.
    Configuration > Loop Guard 


    3. Choose and check the port that would like to enable loop guard then click edit.
    Configuration > Loop Guard > Port


    4. In this page it will display which port will be modify. Configure enable to activate loop guard and for the action is you may choose what will the switch action after detecting a loop event. In the example I've used "Shutdown and Log".

    Configuration > Loop Guard > Port > Edit


    5. This page is to verify the status for loop guard configuration.
    Configuration > Loop Guard > Port


    Verification:
    1. If there is a loop detected, it will display like the status below.
    Example: Port 4 & 5 have loop.
    Monitor > Loop Guard


    2. For the log status will display like the figure below.
    Monitor > Management >Syslog


    Thanks for supporting Zyxel!
    Jonas
  • Good day.
    Many thanks for provided solution.

    I confirmed, that Loop Guard was enabled before this issue happened, but there were no loops detected.
    Also I rebooted both switches yesterday evening and issue was repaired. I don't know what was  reason of this high CPU load, but after reboot I have CPU load about 15-25% for both switches
    I will monitor status for few next days and will update this topic.

    Thanks in advance.

    Yuri.
  • So, few hours ago this issue returns.
    Now I again have high CPU load on both switches. Need you support to investigate given issue.

    Thanks in advance
  • With the help of command show process activity I determined, that process cli makes this high CPU load.

    is this abnormal activity of my Putty-client or something else?
  • Zyxel_JonasTan
    Zyxel_JonasTan Posts: 94  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Hi @Yuri_S,

    Thanks for the show process status.
    I'll PM you to retrieve more detail information.

    Thanks.
    Jonas
  • Good day @Zyxel_Jonas
    I provided requested infromation in PM

    With best regards
  • Good day
    do we have any updates?

    Best regards.
  • @Yuri_S, have you received an update on your high CPU utilization issue? I am researching and studying the ZyXel GS1900 family of switches. In general, I love the technical specs. I am doing my diligence to gather real world implementation examples and support.
  • AFT
    AFT Posts: 3
    First Comment

    Hello :-)

    I have exactly the same situation here. Same as above: Loop Guard is active - but no loops detected. The only difference is, that we see this issue on a GS1900-8. I use V2.40(AAHH.2) | 06/05/2019 as firmware, I replaced the wires and of course I took a brandnew GS1900-8 but all fails. After booting the switch, it stays for 1-2 hrs. afterwards again 100% CPU. Checking the SSH console, I can see that 3 processes (called "CLI") consume more than necessary. The load average goes up to 1.55. So, dear ZyXEL, how are we going to fix this?

    BR,

    Marco

  • Zyxel小編 Lucious
    Zyxel小編 Lucious Posts: 278  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    edited July 2019

    Hi @AFT


    Welcome to Zyxel community!


    For starters, we'd like to point out the cause has nothing to do with Loop Guard.

    We resolved the original case by mirroring packets towards switch's management and it turned out there were periodical "malicious" packet generated by certain scheduled anti-virus/scanning task on client's end device. The huge amount of packets simultaneously rushed into CPU and hanged the switch.

    The solution is to use "Remote Access Control" (Configuration -> Management -> Remote Access Control) restricting a desired access IP range. It prevents untrusted packet from CPU processing.

    Hopefully it helps.


    Zyxel_Lucious