Accepted Solutions
Contact Cisco License Team and they can provide the PKU to activate HSEC easier, faster and less hassle.
If it is possible, avoid upgrading to 16.10.X and later. Cisco "Smart" License (CSL) is not crack up as it meant to be. CSL does not provide any "benefit" to anyone. Not even to Cisco themselves. CSL is high in maintenance. For instance, if the appliance has an expired QuoVadis root CA 2 certificate and nobody was able to detect this then the appliance's memory will have a leak in the "keyman" process.
Have a look at the two pictures below.
Picture above is a "normal" (control plane) memory leak of a stacked 3850/9300 switch. Notice the rate of climb is pretty "gradual" or smooth.
Compare that to the next one.
Orange box is a "normal" (control plane) memory leak of a stacked 3850/9300 switch. Starting March 2022, the QuoVadis certificate expired and the memory leak spiked because we "did nothing". Green box is when I applied the workaround.
The message I want to push is this: Keep it simple. IOS-XE is not the same as classic IOS. IOS-XE is far more complicated than classic IOS and a lot of things can go (really) wrong with IOS-XE. IOS-XE requires daily monitoring of CPU and memory utilization (data and control plane).
Keep it simple. Avoid CSL.
Hi
There´s a procedure to change from traditional licensing to smart licensing. If you already have Smart Account you can follow this procedure and have all you licensing on the smart account.
Contact Cisco License Team and they can provide the PKU to activate HSEC easier, faster and less hassle.
If it is possible, avoid upgrading to 16.10.X and later. Cisco "Smart" License (CSL) is not crack up as it meant to be. CSL does not provide any "benefit" to anyone. Not even to Cisco themselves. CSL is high in maintenance. For instance, if the appliance has an expired QuoVadis root CA 2 certificate and nobody was able to detect this then the appliance's memory will have a leak in the "keyman" process.
Have a look at the two pictures below.
Picture above is a "normal" (control plane) memory leak of a stacked 3850/9300 switch. Notice the rate of climb is pretty "gradual" or smooth.
Compare that to the next one.
Orange box is a "normal" (control plane) memory leak of a stacked 3850/9300 switch. Starting March 2022, the QuoVadis certificate expired and the memory leak spiked because we "did nothing". Green box is when I applied the workaround.
The message I want to push is this: Keep it simple. IOS-XE is not the same as classic IOS. IOS-XE is far more complicated than classic IOS and a lot of things can go (really) wrong with IOS-XE. IOS-XE requires daily monitoring of CPU and memory utilization (data and control plane).
Keep it simple. Avoid CSL.
