[c-nsp] CSCsj19555 (vpdn vaccess leak in 12.2SR) anybody hit this?

David Freedman david.freedman at uk.clara.net
Mon Jul 20 06:43:21 EDT 2009


Think I am,

doing vpdn/l2tp on SRC1/2/3/4 and SRD1/2, vaccess not being freed up,
debug sss says:

Jul 20 11:28:11 BST: SSS LTERM [uid:589]: Vi2.4877 is still in use by
LTERM data-plane


and interface conceeds:


#sh int virtual-access 2.4877 | in status
  Vaccess status 0x200, free pending L2X switching completion


This is a problem as you can see:

#sh vpdn sess | in essions
L2TP Session Information Total tunnels 2 sessions 1369

#sh vtempla | in pend
Current free pending: 8100 (and counting)

#sh idb | in Max
Maximum number of Software IDBs 32000.  In use 9487.


Contextual SSS dump:

#sh log | in uid:589
Jul 20 11:28:11 BST: SSS MGR [uid:589]: Sending a Unset the session
key(s) ID Mgr request
Jul 20 11:28:11 BST: SSS MGR [uid:589]: Removing the following data from
ID Mgr:
Jul 20 11:28:11 BST: SSS MGR [uid:589]: ID Mgr returned status:
'updated' for Unset the session key(s)
Jul 20 11:28:11 BST: SSS LTERM [uid:589]: Vi2.4877 is still in use by
LTERM data-plane
Jul 20 11:28:11 BST: SSS MGR [uid:589]: No child sessions attached
Jul 20 11:28:11 BST: SSS MGR [uid:589]: Processing a client disconnect
Jul 20 11:28:11 BST: SSS MGR [uid:589]: Handling Send Service Disconnect
action
Jul 20 11:28:11 BST: SSS MGR [uid:589]: Failed to send aaa event
Jul 20 11:28:11 BST: SSS LTERM [uid:589]: Switching session unprovisioned
Jul 20 11:28:11 BST: SSS LTERM [uid:589]: Uninstalled Vi2 process path
switching vector
Jul 20 11:28:11 BST: SSS LTERM [uid:589]: Uninstalled Vi2 fastsend path
switching vector
Jul 20 11:28:11 BST: SSS MGR [uid:589]: Handling Disconnecting, Network
Service Feature Clean action
Jul 20 11:28:11 BST: SSS MGR [uid:589]: Sending a Session End ID Mgr request
Jul 20 11:28:11 BST: SSS MGR [uid:589]: ID Mgr returned status:
'deleted' for Session End
Jul 20 11:28:11 BST: SSS MGR [uid:589]: Freeing vaccess interface
Vi2.4877, 69EAA23C


claims to be fixed if I downgrade to SRC, don't quite believe this,
nothing new appear to be fixed in , which is annoying (SRC itself too
buggy to use here)

have noticed that the leak slows down when enabling "vpdn multihop"
(even though not used anywhere in any radius attributes)

just going through all the SSS features it claims are disabled and
enabling them in order to slow the leak down (next on my list is SGBP)

Would appreciate anybody who has experienced this coming forward, I have
a TAC case open in which I've mentioned I believe it is this bug but
case is running at a snail's pace :(


Dave.



More information about the cisco-nsp mailing list