Im concerned about the IOS IPS that is now in v12.4. It seems to have gone from a very easily implemented feature to one that is now extremely cumbersome, and what seems on the surface error prone.
When I enable it I can never get anymore than 3 signatures and 1 sig engine active for starters. I then go through the process of installing the key chain for the encryted package, creating the directory etc etc. When I try to compile the sig pkg it not only takes 5 mins or so to compile it also fails to enable a large portion of the engines/sigs with MALLOC failures and unsupported engines etc. (Output below). Then too my annoyance I reboot the router to see if this will resolve the issue, to find that I am back to to only 3 sigs active in my IPS config, and all the rest missing. I can only have bad feelings about how such an issue will kill you time in the lab. I then tried this on a different device just in case it was a hardware issue to find that as soon a entered the copy flash idconf cmd the router reloaded (deep joy). Hopefully this is something I am doing wrong,or a device issue. Stu R5#copy flash:IOS-S376-CLI.pkg idconf *May 31 17:24:31.787: %IPS-6-ENGINE_BUILDS_STARTED: 17:24:31 UTC May 31 2009 *May 31 17:24:31.787: %IPS-6-ENGINE_BUILDING: multi-string - 12 signatures - 1 of 13 engines *May 31 17:24:32.375: %IPS-6-ENGINE_READY: multi-string - build time 588 ms - packets for this engine will be scanned *May 31 17:24:32.395: %IPS-6-ENGINE_BUILDING: service-http - 667 signatures - 2 of 13 engines *May 31 17:24:33.067: %IPS-4-META_ENGINE_UNSUPPORTED: service-http 5903:1 - this signature is a component of the unsupported META engine *May 31 17:26:34.859: %SYS-2-MALLOCFAIL: Memory allocation of 1059916 bytes failed from 0x42F03704, alignment 0 Pool: Processor Free: 12190324 Cause: Memory fragmentation Alternate Pool: None Free: 0 Cause: No Alternate pool -Process= "Exec", ipl= 0, pid= 122, -Traceback= 0x41920FEC 0x40083D80 0x40089EF8 0x4008A62C 0x441D93C0 0x42F0370C 0x42F03E6C 0x42F03F44 0x43896FDC 0x43897A54 0x438B0B6C 0x438B0FC4 0x438E9888 *May 31 17:26:34.859: %IPS-4-SIGNATURE_COMPILE_FAILURE: service-http 5413:0 - compilation of regular expression failed *May 31 17:27:15.395: %SYS-2-MALLOCFAIL: Memory allocation of 1530912 bytes failed from 0x42F03704, alignment 0 Pool: Processor Free: 8335160 Cause: Memory fragmentation Alternate Pool: None Free: 0 Cause: No Alternate pool -Process= "Exec", ipl= 0, pid= 122, -Traceback= 0x41920FEC 0x40083D80 0x40089EF8 0x4008A62C 0x441D93C0 0x42F0370C 0x42F03E6C 0x42F03F44 0x43896FDC 0x43897A54 0x438B0B6C 0x438B0FC4 0x438E9888 *May 31 17:27:15.399: %IPS-4-SIGNATURE_COMPILE_FAILURE: service-http 5460:0 - compilation of regular expression failed *May 31 17:27:15.403: %IPS-4-SIGNATURE_COMPILE_FAILURE: service-http 5460:0 - compilation of regular expression failed *May 31 17:27:18.147: %IPS-4-SIGNATURE_COMPILE_FAILURE: service-http 5427:0 - compiles discontinued for this engine *May 31 17:27:18.147: %IPS-4-SIGNATURE_COMPILE_FAILURE: service-http 5316:0 - compiles discontinued for this engine -- Stuart Hare [email protected]
