21 Aug

Troubleshooting ASA high memory issues

Problem Category: Security – Network Firewalls and Intrusion Prevention Systems
Problem Subcategory: Adaptive Security Appliance (ASA) non-VPN problem
Problem Type: Product Feature/Function Question
Problem Details: We suspected there is a memory leak on our ASA 5585-X. Can you guide me where to look for the “fragment size” value from the “show memory detail” output.

TAC reply:
++ I understand that you are looking towards the fragment size value in the show mem detail output and then based on the values would determine the bin size value to be used in show mem binsize
++ From the details shared, I see that the total free memory available on the unit is 68%.
++ Also if you could observe the details pertaining to the counters “MAX CONTIGOUS FREE MEM” and “Free MEM” they values are more are less the same which indicates that the amount of memory being leaked by fragmentation is not high (almost nil).
++ Now coming to the point where you were concerned over the outputs of fragments size across the device, usually the count associated with the block size increases and decreases when the block size are released back, if we observe an abnormal increase in the count value for any blocks and continue to see that they are not released which would be indicated by the count value.
++ Depending on the block size that we see the count abnormally increasing we can specify that value in the command show mem binsize

Show Memory Detail
Gather the output of “show memory detail”
Look in the column listed “total (bytes)” under the “MEMPOOL_GLOBAL_SHARED POOL STATS” to find the 5 largest values
Issue the command “show memory binsize” using the associated value under “fragment size (bytes)”

Memory Tracking
Enable the command “memory tracking enable” to turn on memory tracking
Issue the command “show memory tracking” at regular intervals to see the change in memory allocation
Issue the command “show memory tracking address | i ” where is the pc counter (in hex) of the largest growing process from the previous step
Gather the output “show memory tracking dump
” for any of the memory address locations picked at random from the output of the previous step

Also check  http://itsecworks.wordpress.com/2010/11/23/troubleshooting-asa-high-memory-issues/

Incoming search terms:

  • https://advanxer com/blog/2013/08/troubleshooting-asa-high-memory-issues/
  • Allocs asa
  • asa how to clear MEMPOOL_GLOBAL_SHARED memary
  • how to increase memory on cisco firewall
  • troubleshoot asa high memory usage
  • cisco asa memory troubleshoot
  • 5545x show memory top-usage cisco
  • where to check the memory utilization for Cisco ASA firewall
  • asa 5585 backplane utilisation high
  • ASA memori utilization
  • asa nat memory allocation
  • asa show memory utilisation
  • asa system memory usage reached 85%
  • cisco asa 5585 memory high
  • cisco asa clear used memory
13 Jun

Cisco NX-OS/IOS Configuration Differences and tidbits

Differences between IOS and NXOS.


IOS to NXOS migration tool

Minimum Recommended Code Levels.

Data Center switching support forums on Cisco.com.

11 Jun

Cisco NX-OS: Virtual PortChannel Quick Configuration Guide


A virtual PortChannel (vPC) allows links that are physically connected to two different Cisco Nexus 5000 Series devices to appear as a single PortChannel to a third device. The third device can be a Cisco Nexus 2000 Series Fabric Extender or a switch, server, or any other networking device. A vPC can provide Layer 2 multipathing, which allows you to create redundancy by increasing bandwidth, enabling multiple parallel paths between nodes and load-balancing traffic where alternative paths exist.

Read More

10 May

Installing Cisco DCNM on Red Hat/CentOS

Cisco Prime Data Center Network Manager (DCNM) is designed to help you efficiently implement and manage virtualized data centers. It includes a feature-rich, customizable dashboard that provides visibility and control through a single pane of glass to Cisco Nexus and MDS products.


1. You must have a desktop manager installed
2. Run dcnm installer from GUI (double-click), not from terminal
update: in v6.x you need to run the script from terminal, the installer wizard will popup to your desktop
Read More

Incoming search terms:

  • dcnm red hat linux
  • install dcnm on linux