Think I am, doing vpdn/l2tp on SRC1/2/3/4 and SRD1/2, vaccess not being freed up, debug sss says:
Jul 20 11:28:11 BST: SSS LTERM [uid:589]: Vi2.4877 is still in use by LTERM data-plane and interface conceeds: #sh int virtual-access 2.4877 | in status Vaccess status 0x200, free pending L2X switching completion This is a problem as you can see: #sh vpdn sess | in essions L2TP Session Information Total tunnels 2 sessions 1369 #sh vtempla | in pend Current free pending: 8100 (and counting) #sh idb | in Max Maximum number of Software IDBs 32000. In use 9487. Contextual SSS dump: #sh log | in uid:589 Jul 20 11:28:11 BST: SSS MGR [uid:589]: Sending a Unset the session key(s) ID Mgr request Jul 20 11:28:11 BST: SSS MGR [uid:589]: Removing the following data from ID Mgr: Jul 20 11:28:11 BST: SSS MGR [uid:589]: ID Mgr returned status: 'updated' for Unset the session key(s) Jul 20 11:28:11 BST: SSS LTERM [uid:589]: Vi2.4877 is still in use by LTERM data-plane Jul 20 11:28:11 BST: SSS MGR [uid:589]: No child sessions attached Jul 20 11:28:11 BST: SSS MGR [uid:589]: Processing a client disconnect Jul 20 11:28:11 BST: SSS MGR [uid:589]: Handling Send Service Disconnect action Jul 20 11:28:11 BST: SSS MGR [uid:589]: Failed to send aaa event Jul 20 11:28:11 BST: SSS LTERM [uid:589]: Switching session unprovisioned Jul 20 11:28:11 BST: SSS LTERM [uid:589]: Uninstalled Vi2 process path switching vector Jul 20 11:28:11 BST: SSS LTERM [uid:589]: Uninstalled Vi2 fastsend path switching vector Jul 20 11:28:11 BST: SSS MGR [uid:589]: Handling Disconnecting, Network Service Feature Clean action Jul 20 11:28:11 BST: SSS MGR [uid:589]: Sending a Session End ID Mgr request Jul 20 11:28:11 BST: SSS MGR [uid:589]: ID Mgr returned status: 'deleted' for Session End Jul 20 11:28:11 BST: SSS MGR [uid:589]: Freeing vaccess interface Vi2.4877, 69EAA23C claims to be fixed if I downgrade to SRC, don't quite believe this, nothing new appear to be fixed in , which is annoying (SRC itself too buggy to use here) have noticed that the leak slows down when enabling "vpdn multihop" (even though not used anywhere in any radius attributes) just going through all the SSS features it claims are disabled and enabling them in order to slow the leak down (next on my list is SGBP) Would appreciate anybody who has experienced this coming forward, I have a TAC case open in which I've mentioned I believe it is this bug but case is running at a snail's pace :( Dave. _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
