Solved

Cisco 1811W - Memory Leak?

Posted on 2009-03-30
3
548 Views
Last Modified: 2012-05-06
Hi, I just purchased and installed a Cisco 1811W router and after about a week it locked up due to memory was all used up, could only interface with it via console cable.  Both the Processory memory and the I/O memory were all used up, the processor total is 62178960 and the I/O total is 12582912, I think the process that using it up is the "IP Background" process but I'm not sure.  If I do a reload it seems to clear it up but seconds after re-connecting it to the users it locks up again.  Here's my config:

_______________________________________

Cisco1811W#show run
Building configuration...

Current configuration : 6189 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco1811W
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
enable secret 5 XXXXXXXXXXXXXXXX
enable password XXXXXXXXX
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-1940331043
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1940331043
 revocation-check none
 rsakeypair TP-self-signed-1940331043
!
!
crypto pki certificate chain TP-self-signed-1940331043
 certificate self-signed 01
    XXXXXXXXXXXXXXXXXXXXX
        quit
!
!
!
dot11 ssid ssid1
   authentication open
   guest-mode
!
!
!
no ip dhcp use vrf connected
no ip dhcp conflict logging
ip dhcp excluded-address 100.100.100.225 100.100.100.239
ip dhcp excluded-address 100.100.100.250 100.100.100.254
ip dhcp ping timeout 200
!
ip dhcp pool sdm-pool
   network 100.100.100.224 255.255.255.224
   dns-server 100.100.100.30 100.100.100.30
   default-router 100.100.100.254
!
!
ip cef
ip domain name domain.com
ip name-server 100.100.100.30
ip name-server 100.100.100.30
no ipv6 cef
!
multilink bundle-name authenticated
!
!
username root privilege 15 secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
archive
 log config
  hidekeys
!
!
bridge irb
!
!
!
interface FastEthernet0
 description $ETH-WAN$
 ip address 200.200.200.202 255.255.255.252
 ip access-group 199 in
 ip mask-reply
 ip nat outside
 ip virtual-reassembly
 speed auto
 half-duplex
!
interface FastEthernet1
 no ip address
 shutdown
 speed auto
 half-duplex
!
interface FastEthernet2
 spanning-tree portfast
!
interface FastEthernet3
 spanning-tree portfast
!
interface FastEthernet4
 spanning-tree portfast
!
interface FastEthernet5
 spanning-tree portfast
!
interface FastEthernet6
 spanning-tree portfast
!
interface FastEthernet7
 spanning-tree portfast
!
interface FastEthernet8
 spanning-tree portfast
!
interface FastEthernet9
 spanning-tree portfast
!
interface Dot11Radio0
 no ip address
 !
 encryption vlan 1 key 1 size 40bit 0 XXXXXXXXXXX transmit-key
 encryption vlan 1 mode wep mandatory
 !
 ssid ssid1
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
 54.0
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Dot11Radio1
 no ip address
 shutdown
 speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
 station-role root
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-FE 2$
 no ip address
 ip mask-reply
 ip virtual-reassembly
 ip tcp adjust-mss 1452
 bridge-group 1
!
interface Async1
 no ip address
 encapsulation slip
!
interface BVI1
 ip address 100.100.100.254 255.255.255.224
 ip access-group 198 in
!
router rip
 redistribute connected
 network 100.0.0.0
 network 200.0.0.0
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet0
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip http client source-interface FastEthernet0
!
logging trap debugging
access-list 198 deny   tcp any any eq 1433 log
access-list 198 deny   udp any any eq 1433 log
access-list 198 deny   tcp any any eq 1434 log
access-list 198 deny   udp any any eq 1434 log
access-list 198 permit icmp any any log
access-list 198 permit ahp any any
access-list 198 permit eigrp any any
access-list 198 permit igmp any any
access-list 198 permit ipinip any any
access-list 198 permit nos any any
access-list 198 permit ospf any any
access-list 198 permit pcp any any
access-list 198 permit pim any any
access-list 198 permit gre any any
access-list 198 permit esp any any
access-list 198 permit ip any any
access-list 199 permit tcp 150.150.150.32 0.0.0.31 host 200.200.200.202 log
access-list 199 permit udp 150.150.150.32 0.0.0.31 host 200.200.200.202 log
access-list 199 permit ip 150.150.150.32 0.0.0.31 host 200.200.200.202 log
access-list 199 permit tcp 150.150.150.32 0.0.0.31 any log
access-list 199 permit udp 150.150.150.32 0.0.0.31 any log
access-list 199 permit ip 150.150.150.32 0.0.0.31 any log
access-list 199 permit tcp any any established
access-list 199 permit udp any eq domain any log
access-list 199 permit icmp any any log
access-list 199 deny   ip any any log
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
no cdp run

!
!
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
 login local
line 1
 modem InOut
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
line vty 0 4
 privilege level 15
 password letmein
 login local
 transport input telnet ssh
line vty 5 15
 privilege level 15
 password letmein
 login local
 transport input telnet ssh
!

!
webvpn cef
end

________________________________________

Is there anything I need to disable or is this a memory leak?  Any help is appreciated.

Thanks!
0
Comment
Question by:Popeyediceclay
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 11

Accepted Solution

by:
asdlkf earned 250 total points
ID: 24021114
I'm going to throw a guess out there that you have the word "log" about 300,219,591 times, but no logging server.


Go grab Kiwi, throw it on a server, set your router to log to the server.
Even if this is not the case, (that your logs are outgrowing your free space), it'll permit you to keep logs up until the moment it crashes (if it does so again).

-- Chris
0
 
LVL 3

Author Comment

by:Popeyediceclay
ID: 24021294
Done, but I won't really know anything new until I put it back in action.  Do the logs stay in memory for some reason?  I've had it this way on my 1720 router for years and haven't had an issue with that.
0
 
LVL 3

Author Closing Comment

by:Popeyediceclay
ID: 31564373
I haven't seen it crash since adding a logging host, thanks!
0

Featured Post

Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question