1. Archive Configuration on receiving configuration change events --> is checked.

2. Hold off time(min) --> 10 (default value)

The thing is that configuration changes do not occur that often in order for PI to telnet to all switches, every 20min!

Just want to check if you have the same problem as we have. Our Prime countioulsy Telnet and SSH to most of our switches, even if we don't do any configuration Changes.

Try uncheck the "Archive Configuration on receiving configuration change events" and see if the Telnet do devices stops.

Even if I uncheck "Archive Configuration on receiving configuration change events" the telnets and ssh still continue!

Is anyone facing a similar problem?

How can it be overcome?
 

Hi Katerina,

How often is your Prime server set to collect switch inventory under the background tasks? I believe for Prime 1.3 it is labeled as Wired switch inventory.  For the Prime server that I run (2.1.2) our switch inventory is set to collect once everyday regardless of config changes, in where Prime will SSH/Telnet the device elevate and collect running config data, then enter into global configuration mode, and then exit back.  It trips the local log on the device with our traps. Hope this helps.

Regards,

Brandon

Hi Brandon,

under Administration --> Job Dashboard, I have switchSchedule (type inventory) that runs once a day.

In the background tasks I have a process called "Client Statistics" that runs every 15 minutes and another one called "Wired client status" that runs every 2hours. I thought that this was the equivalent to usertracking in LMS4.2. Could one of the above processes be the source of the telnets?

I will disable them to see what happens.

Hi all,

with the help of our partner we opened a TAC case about this behavior. The answer we got is that this is normal behavior, without an explanation as to which process might be responsible and what would change if we twicked a few timers. Allegedly, PI telnets/ssh to the devices frequently to collect information.

First question: why aren't devices polled with snmp to get the required information. Surely some modules collect information via telnet/ssh (config archive etc), but which module telnets to all switches constantly???

I regret to say, that the answer to that was something of the sort "This is how it works. Live with it"!

This was a disappointment. One would believe that people working in TAC would be at least willing to answer to customers questions. Colleagues and I have spent many hours trying to figure out if this is normal behavior of PI and what is causing it. We would have appreciated a different approach by TAC.

Anyways... as stated by TAC "there are different modules that could use telnet/ssh as a channel of obtaining data instead of SNMP".

Hope someone finds this helpful!

Hey all,

it seems that the constant telnets to devices are due to the logging of syslog on PI.

After removing the command "logging PI_ip" the telnets stopped. This solution was proposed by TAC. PI 1.3 is not a syslog server, so not sending logs to it is not a major issue. I only hope that we don't face the same problems in next releases.

I would also like to state that after capturing traffic (wireshark) of PI telnets to switches, we noticed that the telnet connection is RESET by PI.

PI > switch (FIN,ACK)

switch > PI (ACK)

PI > switch (RST)

A same capture was performed for telnets of LMS 4.1 to the same switch.

switch > LMS (FIN,PSH,ACK)

LMS > switch (ACK)

LMS > switch (FIN,ACK)

switch > LMS (ACK)

In the second case there is an orderly closure of the connection, as in the first case the connection is abruptly terminated by PI!!!