09-06-2013 06:13 AM - edited 03-11-2019 07:34 PM
Hello,
I am into a frustrating situation about a router Cisco 2901 (Firewall + IPS installed) and at every few days (3 -4 days) I get no internet connection . After I restart the router , the internet connection works.
I have a small datacenter : 2 web servers Dell that host : DNS, Web, Email.
I have submited a case and the enginner told me that : "These errors are popped out when the controller is bad and according to some previous Service Request as raised with Cisco, an RMA has normally resolved the issue".
.......................................................
MSI 192, name: wic_mbrd_hdlc_error, hdlr 0x3069BCA0, cnt 1, ctx 0x0, slot 0, IO_Controller, ERR, number 0
MSI 193, name: wic_mbrd_hdlc_error, hdlr 0x3069BCA0, cnt 0, ctx 0x1, slot 0, IO_Controller, ERR, number 1
.......................................................
So they replaced the router with a new one . I have installed and configured the new router . I''m not a cisco specialist, I used Cisco configuration professional.
After 3 days after the new router installation I get again : "No internet connection" for ~30 minutes . After that I reset the router and then the internet connection works. The network was working.
This time I can access it I I get the logs :
082401: *Sep 6 03:56:52.008 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x32C5B100, alignment 32
Pool: Processor Free: 3230580 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "Chunk Manager", ipl= 4, pid= 1
-Traceback= 32C41914z 32C4C608z 32C387C8z 32C389D0z 32C2E550z 32C2E534z
082402: *Sep 6 03:56:52.012 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for Firewall State . No memory available -Process= "Chunk Manager", ipl= 4, pid= 1
-Traceback= 32C2E550z 32C2E534z
082403: *Sep 6 03:57:02.048 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for ipnat entry. No memory available -Process= "Chunk Manager", ipl= 4, pid= 1
-Traceback= 32C2E550z 32C2E534z
082404: *Sep 6 03:57:02.508 UTC: %LICENSE-2-VLS_ERROR: 'VLSnotifyBirthAndExpiryEvents' failed with an error - rc = 25 - 'Error[25]: Could not understand the message received from license server on host "no-net".
--More-- Client-server version mismatch?
'
-Traceback= 32C2E550z 32C2E534z
082406: *Sep 6 03:57:20.464 UTC: %COMMON_FIB-3-NOMEM: Memory allocation failure for path list in Common CEF [0x31B2CB58] (fatal) (0 subsequent failures).
082446: *Sep 6 04:12:28.528 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x32C5B100, alignment 32
Pool: Processor Free: 3277308 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "Chunk Manager", ipl= 4, pid= 1
-Traceback= 32C41914z 32C4C608z 32C387C8z 32C389D0z 32C2E550z 32C2E534z
082447: *Sep 6 04:12:28.528 UTC: %SYS-2-CHUNKEXPANDFAIL: Could not expand chunk pool for IPS DP DYNAMIC . No memory available -Process= "Chunk Manager", ipl= 4, pid= 1
-Traceback= 32C2E550z 32C2E534z
082451: *Sep 6 04:13:33.872 UTC: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed from 0x32C5C898, alignment 16
Pool: Processor Free: 3287156 Cause: Memory fragmentation
Alternate Pool: None Free: 0 Cause: No Alternate pool
-Process= "IP ARP Adjacency", ipl= 3, pid= 119
-Traceback= 32C41914z 32C4DDA0z 31B83C8Cz 31B85A64z 31B860B8z 31B7EF44z 31B2CF40z 31AEB994z 31B30B24z 31B30C74z 31AE05B8z 31AE06FCz 31BE9024z 3013EEB4z 3013F218z 3013F370z
--More-- 082452: *Sep 6 04:13:33.872 UTC: %COMMON_FIB-3-NOMEM: Memory allocation failure for validating prefix in IPv4 CEF [0x31ADD990] (fatal) (0 subsequent failures).
082453: *Sep 6 04:13:33.872 UTC: %COMMON_FIB-4-DISABLING: IPv4 CEF is being disabled due to a fatal error.
I contact again suport case but I received an general answer that tells me that "this might happen due to a normal or abnormal event............".
Can somebody help me ?
If the memory was full , why the router don't try a release / renew command ? Is the a command that can tell the router : whenever the memory is full to release / renew it ?
I hae attached the router configuration .
09-06-2013 07:13 AM
I saw on forums that some workaround is to
- replace ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 with IP route 0.0.0.0 0.0.0.0 DHCP .
- or replace with ip route 0.0.0.0 0.0.0.0 x.x.x.x !next hop IP
Who is in my case next hop ip ? The ip from WAN (GigabitEthernet0/1) ?
----------------
interface GigabitEthernet0/0
description $ETH-LAN$$FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly in
zone-member security in-zone
duplex auto
speed auto
no cdp enable
no mop enabled
!
interface GigabitEthernet0/1
description $ETH-WAN$$FW_OUTSIDE$
ip address 88.x.x.157 255.255.255.128
no ip redirects
no ip unreachables
no ip proxy-arp
ip verify unicast reverse-path
ip nat outside
ip ips sdm_ips_rule in
ip virtual-reassembly in
zone-member security out-zone
duplex auto
speed auto
no cdp enable
no mop enabled
!
ip forward-protocol nd
!
ip http server
ip http access-class 2
ip http authentication local
ip http secure-server
!
ip nat inside source list 1 interface GigabitEthernet0/1 overload
ip nat inside source static 192.168.1.88 34.x.x.178
ip nat inside source static 192.168.1.89 34.x.x.179
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1
!
-----------------
How can I do this ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide