09-24-2024 04:11 AM
we need to carry out simulations in the laboratory and consequently allocate memory or CPU at 90% as the DNA Center has been unable on several occasions to detect this condition in the Catalyst 9200 and 9300 series switches while other SNMP monitoring tools have suffered reported the excessive use of resources.
Is there a tool or command that allocates resources on a Catalyst 9000 series switch?
Thanks for your suggestions!
Emiliano
09-24-2024 04:47 AM
@esavorani wrote:
DNA Center has been unable on several occasions to detect this condition in the Catalyst 9200 and 9300 series switches
DNAC will not do anything even if memory utilization (data- and control plane) is >90%.
09-24-2024 05:35 AM
in fact this is the suspicion because for 3 times DNAC was not able to identify Core 9600 crashes and excessive memory and CPU usage showing a score of 10 and everything in green when other monitoring systems immediately noticed the problem. Now we are conducting analysis with the TAC to determine whether or not DNAC is able to identify excessive use of switch resources
09-24-2024 06:32 AM
one of CPU and memory issue is monitoring
try disable other monitoring and check
MHM
09-24-2024 03:00 PM
I guarantee DNAC does not have the function to warn if router, switch, WLC has >90% memory utilization or about to crash because of memory leak.
I know this is a true fact because we've reported this and put into "Make-A-Wish" but it was mostly ignored.
Take this for example: https://imgur.com/a/HGqH1ir
Everyone looking at this image can immediately determine it is a memory leak and it is getting worse. DNAC does not have the "AI" to see (or "analyze") the memory.
TAC does not need to "investigate": They already know.
If you want to generate a memory leak, it is laughably easy:
1. Get two 9200/9300 and stack them together.
2. Do not configure anything.
3. Load any "gold star" IOS-XE version.
4. Use any SNMP-based NMS and monitor the control-plane memory utilization. In two months, the memory will slowly rise.
09-24-2024 05:27 AM
"Is there a tool or command that allocates resources on a Catalyst 9000 series switch?"
None of which I'm aware. I doubt Cisco would publicly document any such commands. Such a tool could be used for DoS, so if such exists, might be found on the dark web.
Even without such commands or tools, if you have admin access to switch, I can envision some ways to hog memory and/or consume CPU, although they might not be very precise in managing degree of impact.
09-24-2024 05:39 AM
our case I suspect is a bug present only in 9300s that was triggered by SNMP and logging but I would like to somehow reserve memory for a process at about 90% and see if DNAC detects the condition
09-24-2024 06:20 AM
Funny you should mention logging as you configure a very large (up to 2 GB?) in memory system buffer. All you then need is syslog entries to fill it.
For CPU, years ago, I found setting up a RIP neighbor, and then increasing update frequency hit a (3750's) CPU hard.
09-24-2024 06:28 AM
Another ways to consume memory (and CPU?) would be set up a client to pass through the switches sequential IPs to an egress interface that needs each to be ARPed.
Possibly another way to consume CPU would be a SNMP client that reads the entire MIB.
09-24-2024 05:47 AM
Not aware of a command but if it’s test bed, you can try disabling spanning tree, create a loop and send a broadcast, might help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide