No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR Router Troubleshooting Guide

This Product Documentation provides guidance for maintaining AR Enterprise Router, covering common information collection and fault diagnostic commands, typical fault troubleshooting guide, and troubleshooting.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
CPU Usage Becomes High After DNS Mapping Is Configured on the AR3260

CPU Usage Becomes High After DNS Mapping Is Configured on the AR3260

This section provides a case that the CPU usage becomes high after DNS mapping is configured on the AR3260.

Networking

Fault Symptom

An internal PC is required to access an internal server using the public domain name. The configuration file is as follows:

nat alg dns enable
#
nat dns-map ztbzx.huangshi.gov.cn 1.1.1.2 80 tcp
nat dns-map www.hsztbzx.com 1.1.1.2 80 tcp
#

After the configuration is complete, the CPU usage becomes high and an alarm is generated.

Jun 5 2013 08:57:55+00:00 AR3260 %%01MON/4/CPU_USAGE_HIGH(l)[0]:The CPU is overloaded, and the tasks with top three CPU occupancy are VALP(91%), SOCK(0%), AREM(0%). (CpuUsage=97%, Threshold=80%) 
Jun 5 2013 08:56:48+00:00 AR3260 %%01MON/4/CPU_USAGE_HIGH(l)[1]:The CPU is overloaded, and the tasks with top three CPU occupancy are VALP(87%), SOCK(0%), QADP(0%). (CpuUsage=93%, Threshold=80%) 
Jun 5 2013 08:54:13+00:00 AR3260 %%01MON/4/CPU_USAGE_HIGH(l)[2]:The CPU is overloaded, and the tasks with top three CPU occupancy are VALP(94%), QADP(1%), SOCK(0%). (CpuUsage=100%, Threshold=80%)

Fault Analysis

There are many hosts on the internal network. When DNS ALG is enabled and internal hosts forward packets with domain names, the packets need to be sent to the AR for parsing.

To solve the problem, perform the following operations:

  1. Delete the DNS ALG and DNS mapping configuration.
    undo nat alg dns enable
    undo nat dns-map ztbzx.huangshi.gov.cn 1.1.1.2 80 tcp
    undo nat dns-map www.hsztbzx.com 1.1.1.2 80 tcp
  2. Configure the NAT server on GE1/0/0.
    #
    acl number 3000
     rule 0 permit ip source 192.168.1.0 0.0.0.255 destination 1.1.1.2 0
    #
    interface GigabitEthernet1/0/0
     ip address 192.168.1.1 255.255.255.0
     nat outbound 3000 //Configure Easy IP when an internal host accesses IP address 1.1.1.2 and change the source address to the IP address of GE1/0/0 to ensure that packets exchanged between the internal server and host are forwarded by the router.
     nat server protocol tcp global 1.1.1.2 www inside 192.168.1.2 www  //Change the destination address to the private address when an internal host accesses IP address 1.1.1.2.

Suggestion

The ALG function enables the NAT device to identify the IP address or port number in the data field, and to translate addresses according to the mapping table. The AR supports ALG for DNS, FTP, SIP, PPTP, and RTSP.

When many internal hosts use domain names to access internal servers and NAT ALG is enabled, the AR's CPU usage becomes high. You can use outbound NAT or NAT server to prevent this problem.

Translation
Download
Updated: 2019-05-10

Document ID: EDOC1000079719

Views: 447801

Downloads: 4305

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next