cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
962
Views
0
Helpful
3
Replies

Pix 515E Memory Allocation Failure

gavinfoster
Level 1
Level 1

Hello Experts,

I am using a Pix515E with 8.0(3) and 128MB RAM. It ran OK for months but has recently had several episodes during which it produced streams of memory allocation failures (syslog 211001). When in this condition I could not log into the VPN. It was still operating but some users were having problems and I eventually had to restart it.

The traffic load is typically 10Mbps, and the max number of connections is around 10,000 but typically 5,000. The CPU usage is 10%-20%.  There is 1 VPN with normally 1 client.

The memory usage is always high, between 115MB and 120MB but during these problems it creeps higher.

Why might the memory usage be so high when my network load is quite light for the 515E? What circumstances cause the memory usage to increase during operation? Is there anything I can do to prevent the memory usage increasing to the point where the PIX crashes?

I have a second 515E with 8.0(4)32 and 64MB RAM, loaded with the same config. I have not had this one in service, but off-line it is using 53MB of memory. If the spare pix needs 53MB to load the firmware and my config, why does the other one use 115MB?

Many thanks for any assistance.

3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

I would suggest that you upgrade the PIX to the latest version of 8.0.x that you can upgrade on the PIX. The earlier version of 8.0.x has some bugs that might have been resolved in the later version. Further to that, I would also like to advise you that PIX has also reached its EOL, and you might want to look into the replacement.

Here is the EOL notification for your reference:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_eol_notice0900aecd8073fa36.html

Hi Jennifer,

Thanks for your suggestion, I will look into upgrading the s/w but I think 8.0(4) is possibly the latest version that the 515E supports.

Since my pix did run for many months without this problem occurring, I would really prefer to understand what is happening before upgrading or replacing the existing pix. If I don't understand what is happening, I can't be confident that a s/w upgrade will prevent it!  Of course if someone can confirm that my problem is due to a known bug in 8.0(3), I will upgrade immediately, but I haven't been able to find any reports of this.

Thanks again.

If you prefer to investigate the issue further, please open a TAC case and an engineer can assist you with the investigation. This is assuming that you have a Smartnet contract that covers the PIX firewall.

Review Cisco Networking for a $25 gift card