Solved

Cisco 1811W - Memory Leak?

Posted on 2009-03-30
3
534 Views
Last Modified: 2012-05-06
Hi, I just purchased and installed a Cisco 1811W router and after about a week it locked up due to memory was all used up, could only interface with it via console cable.  Both the Processory memory and the I/O memory were all used up, the processor total is 62178960 and the I/O total is 12582912, I think the process that using it up is the "IP Background" process but I'm not sure.  If I do a reload it seems to clear it up but seconds after re-connecting it to the users it locks up again.  Here's my config:

_______________________________________

Cisco1811W#show run
Building configuration...

Current configuration : 6189 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco1811W
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
enable secret 5 XXXXXXXXXXXXXXXX
enable password XXXXXXXXX
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-1940331043
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1940331043
 revocation-check none
 rsakeypair TP-self-signed-1940331043
!
!
crypto pki certificate chain TP-self-signed-1940331043
 certificate self-signed 01
    XXXXXXXXXXXXXXXXXXXXX
        quit
!
!
!
dot11 ssid ssid1
   authentication open
   guest-mode
!
!
!
no ip dhcp use vrf connected
no ip dhcp conflict logging
ip dhcp excluded-address 100.100.100.225 100.100.100.239
ip dhcp excluded-address 100.100.100.250 100.100.100.254
ip dhcp ping timeout 200
!
ip dhcp pool sdm-pool
   network 100.100.100.224 255.255.255.224
   dns-server 100.100.100.30 100.100.100.30
   default-router 100.100.100.254
!
!
ip cef
ip domain name domain.com
ip name-server 100.100.100.30
ip name-server 100.100.100.30
no ipv6 cef
!
multilink bundle-name authenticated
!
!
username root privilege 15 secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
archive
 log config
  hidekeys
!
!
bridge irb
!
!
!
interface FastEthernet0
 description $ETH-WAN$
 ip address 200.200.200.202 255.255.255.252
 ip access-group 199 in
 ip mask-reply
 ip nat outside
 ip virtual-reassembly
 speed auto
 half-duplex
!
interface FastEthernet1
 no ip address
 shutdown
 speed auto
 half-duplex
!
interface FastEthernet2
 spanning-tree portfast
!
interface FastEthernet3
 spanning-tree portfast
!
interface FastEthernet4
 spanning-tree portfast
!
interface FastEthernet5
 spanning-tree portfast
!
interface FastEthernet6
 spanning-tree portfast
!
interface FastEthernet7
 spanning-tree portfast
!
interface FastEthernet8
 spanning-tree portfast
!
interface FastEthernet9
 spanning-tree portfast
!
interface Dot11Radio0
 no ip address
 !
 encryption vlan 1 key 1 size 40bit 0 XXXXXXXXXXX transmit-key
 encryption vlan 1 mode wep mandatory
 !
 ssid ssid1
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
 54.0
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
 no ip address
 shutdown
 speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
 station-role root
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-FE 2$
 no ip address
 ip mask-reply
 ip virtual-reassembly
 ip tcp adjust-mss 1452
 bridge-group 1
!
interface Async1
 no ip address
 encapsulation slip
!
interface BVI1
 ip address 100.100.100.254 255.255.255.224
 ip access-group 198 in
!
router rip
 redistribute connected
 network 100.0.0.0
 network 200.0.0.0
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet0
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip http client source-interface FastEthernet0
!
logging trap debugging
access-list 198 deny   tcp any any eq 1433 log
access-list 198 deny   udp any any eq 1433 log
access-list 198 deny   tcp any any eq 1434 log
access-list 198 deny   udp any any eq 1434 log
access-list 198 permit icmp any any log
access-list 198 permit ahp any any
access-list 198 permit eigrp any any
access-list 198 permit igmp any any
access-list 198 permit ipinip any any
access-list 198 permit nos any any
access-list 198 permit ospf any any
access-list 198 permit pcp any any
access-list 198 permit pim any any
access-list 198 permit gre any any
access-list 198 permit esp any any
access-list 198 permit ip any any
access-list 199 permit tcp 150.150.150.32 0.0.0.31 host 200.200.200.202 log
access-list 199 permit udp 150.150.150.32 0.0.0.31 host 200.200.200.202 log
access-list 199 permit ip 150.150.150.32 0.0.0.31 host 200.200.200.202 log
access-list 199 permit tcp 150.150.150.32 0.0.0.31 any log
access-list 199 permit udp 150.150.150.32 0.0.0.31 any log
access-list 199 permit ip 150.150.150.32 0.0.0.31 any log
access-list 199 permit tcp any any established
access-list 199 permit udp any eq domain any log
access-list 199 permit icmp any any log
access-list 199 deny   ip any any log
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
no cdp run

!
!
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
 login local
line 1
 modem InOut
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
line vty 0 4
 privilege level 15
 password letmein
 login local
 transport input telnet ssh
line vty 5 15
 privilege level 15
 password letmein
 login local
 transport input telnet ssh
!

!
webvpn cef
end

________________________________________

Is there anything I need to disable or is this a memory leak?  Any help is appreciated.

Thanks!
0
Comment
Question by:Popeyediceclay
  • 2
3 Comments
 
LVL 11

Accepted Solution

by:
asdlkf earned 250 total points
Comment Utility
I'm going to throw a guess out there that you have the word "log" about 300,219,591 times, but no logging server.


Go grab Kiwi, throw it on a server, set your router to log to the server.
Even if this is not the case, (that your logs are outgrowing your free space), it'll permit you to keep logs up until the moment it crashes (if it does so again).

-- Chris
0
 
LVL 3

Author Comment

by:Popeyediceclay
Comment Utility
Done, but I won't really know anything new until I put it back in action.  Do the logs stay in memory for some reason?  I've had it this way on my 1720 router for years and haven't had an issue with that.
0
 
LVL 3

Author Closing Comment

by:Popeyediceclay
Comment Utility
I haven't seen it crash since adding a logging host, thanks!
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now