[c-nsp] WS-C4948-10GE Memory leak

Tom Hill tom at ninjabadger.net
Wed Jun 15 20:20:46 EDT 2016


On 15/06/16 20:16, Chuck Church wrote:
> Definitely should be running something newer, given the number of
> vulnerabilities that old IOS has in it.  We've had good luck with 15.0(2)SG
> on these platforms.   SG10 looks to be the latest available.  That does have
> an NTP vulnerability in it from earlier this year, but I'm told SG11 will
> fix that, and be available sometime in July.  SG10 would be a good choice.
> Google 'IOS memory usage' and you should find a bunch of articles to
> troubleshoot.  But upgrading is probably the smartest thing to try.

Exactly what I was about to say - get upgrading. I'm running 15.0(2)SG9
I believe, and it's been wonderfully stable for me. There are a lot of
'nice' improvements in 15.x with regards to BGP (i.e. Enhanced Refresh,
Graceful Restart).

There is an odd bug in there with regards to IPv6 access-classes for
VTYs however; doing anything other than 'deny any any' by itself in the
ACL, will permit anything.

I've not submitted it as these are EoS now and I don't fancy wasting my
time, though perhaps SG10/11 fixed it - test well. :)

-- 
Tom


More information about the cisco-nsp mailing list