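After the switch had been added to traffic monitoring for a while, the traffic graphs kept showing gaps. The logs and device information showed that Cacti could not retrieve SNMP data from the switch.
Pinging the switch's IP then showed very high latency, so I logged in to the switch remotely to check its configuration.
Check the CPU utilization: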
WZMD1F15-C#sh processes cpu sorted | include SNMP
CPU utilization for five seconds: 99%/8%; one minute: 99%; five minutes: 99%
PID Runtime(uS) Invoked uSecs 5Sec 1Min 5Min TTY Process
233 4151587520 680981 37631 76.10% 77.15% 76.76% 0 SNMP ENGINE
231 3337772000 1302328 2562 8.79% 8.76% 8.74% 0 IP SNMP
93 1840900000 1222887 1505 3.63% 3.67% 3.72% 0 IP Input
WZMD1F15-C#sh log
*Aug 9 10:08:34: %SNMP-3-INPUT_QFULL_ERR: Packet dropped due to input queue full
*Aug 9 10:08:34: %SNMP-3-INPUT_QFULL_ERR: Packet dropped due to input queue full
*Aug 9 10:09:00: %SNMP-3-INPUT_QFULL_ERR: Packet dropped due to input queue full
This shows that SNMP ENGINE is the process using too much CPU.
Next:
WZMD1F15-C#sh run | begin snmp
WZMD1F15-C(config)#snmp-server community public RO //enable read-only SNMP
That one line is all there is, so add some restrictions:
WZMD1F15-C(config)#snmp-server host 124.x.x.x public //Specify hosts to receive SNMP notifications
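WZMD1F15-C(config)#snmp-server inform retries 0 //SNMP v1 informs have a retransmission feature; the default is 3
Watch for a while; if the utilization still has not come down, add an ACL to restrict which hosts have access: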
WZMD1F15-C(config)#access-list 66 permit 124.x.x.x
WZMD1F15-C(config)#access-list 66 deny any
WZMD1F15-C(config)#snmp-server community public RO 66
Watch the effect again; the CPU utilization has come down.
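The before and after configurations above can be checked automatically across many switches. The following is an added example, not part of the original post: a small auditor that flags `snmp-server community` lines with no ACL, a default community string, read-write access, or an ACL that is missing or permits any source. The function name `audit_snmp` and the address 192.0.2.10 (standing in for the masked 124.x.x.x poller) are assumptions, and only numbered `access-list` lines are parsed.

```python
import re

# Constructed sample configs modelled on the commands in this post;
# 192.0.2.10 is a documentation address standing in for the masked poller IP.
BEFORE = "snmp-server community public RO\n"
AFTER = """\
access-list 66 permit 192.0.2.10
access-list 66 deny any
snmp-server community public RO 66
snmp-server host 192.0.2.10 public
"""

COMMUNITY_RE = re.compile(
    r"^snmp-server community (\S+)(?: view \S+)?(?: (RO|RW))?(?: (\S+))?\s*$", re.I)
ACL_RE = re.compile(r"^access-list (\S+) (permit|deny) (.+?)\s*$", re.I)


def audit_snmp(config):
    """Return (community, finding) tuples for the text of an IOS configuration."""
    acls, communities = {}, []
    for raw in config.splitlines():
        line = raw.strip()
        m = ACL_RE.match(line)
        if m:
            acls.setdefault(m.group(1), []).append((m.group(2).lower(), m.group(3)))
            continue
        m = COMMUNITY_RE.match(line)
        if m:  # access mode defaults to read-only when omitted
            communities.append((m.group(1), (m.group(2) or "RO").upper(), m.group(3)))
    findings = []
    for name, mode, acl in communities:
        if name.lower() in ("public", "private"):
            findings.append((name, "default community string"))
        if mode == "RW":
            findings.append((name, "read-write access"))
        if acl is None:
            findings.append((name, "no ACL: any host can poll"))
        elif acl not in acls:
            findings.append((name, "ACL %s referenced but not defined" % acl))
        elif any(a == "permit" and s.lower() == "any" for a, s in acls[acl]):
            findings.append((name, "ACL %s permits any source" % acl))
    return findings


if __name__ == "__main__":
    for label, cfg in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_snmp(cfg))
```

On the ACL-restricted configuration the only remaining finding is the `public` community string itself, which the post's fix leaves in place.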