[c-nsp] Need suggestion on cisco 3560 sw IOS

Jeremy Bresley brez at brezworks.com
Thu Jun 26 20:57:34 EDT 2014 

On 6/26/2014 5:31 PM, David Farrell wrote:
> On 26/06/2014 22:38, Nick Hilliard wrote:
>> I've seen several boxes running 15.0(2)SE and rebuilds suddenly die with
>> memory problems.  The box would be fine for many months, then one day 
>> the
>> monitoring system would show that it had suddenly started losing ~1% 
>> memory
>> per hour and then would crash a couple of days later with OOM. I caught
>> one in the act last week, and "show memory" suggested that the dot1x
>> process was chewing up fragments all over the place.  dot1x was 
>> disabled on
>> that switch.
> I've seen similar with 15.0(2)SE on the 2960G but I suspected the SSH 
> process according to "sh mem", possibly exacerbated by monitoring the 
> SSH port for availability. When ours died only a power cycle brought 
> the thing back, as opposed to IOS crashing/rebooting... Unpleasant.
>
> I'm planning a downgrade to 12.2(55)SE9 on two units this weekend. 
> I've had the code running on a test switch to my satisfaction, I'll 
> attempt to remember to note any oddities here.

If you're running into out of memory issues on 15.0(2)SE or 15.2(1)SE 
trains, and aren't doing AutoSmartPorts, try doing a no macro auto 
monitor in your config.  This was the cause of memory leaks that we 
experienced on several hundred 3560G/3560X's across multiple sites.  
Sites with large numbers of port up/down events seemed to hit it even 
quicker.  With this disabled we've been pretty happy with 15.0(2)SE4's 
stability for the last 6-9 months or more. We were testing 15.2(1)SE but 
ran into major issues with ip device tracking causing all kinds of 
duplicate IP issues/alert messages. Anybody else encounter this and have 
a fix for it in a predominantly MS environment (Win2K8/2K12 servers for 
DHCP, Win7/8 clients).  The ip device tracking delay 10 didn't make any 
difference when we tried it.  We'd really like to find a fix for it so 
we can get RSVP snooping enabled for mediatrace (dependent on ip device 
tracking)

Jeremy "TheBrez" Bresley
brez at brezworks.com

More information about the cisco-nsp mailing list