Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to free up RAM?

Status
Not open for further replies.
alesandro

alesandro

IS-IT--Management
Feb 25, 2004
1
0
0
SI
Hi I'm an absolute beginer to cisco.
We have a cisco 3640 wich is our border router to the internet and is also doing NAT. Lately its memory is filling up at a slow but constant rate and naturaly when it reaches closly to 100% it starts to realy slow down the trafic. We now have to restart it on a dayly baseis.
How can I free up memory?
 
Sort by date Sort by votes
Sounds like your router is getting hit with a virus. Most likely it is the Nachi. It fills your NAT table with random ICMP entries. show ip nat stat/show ip nat trans will give you an idea what is going on in there. If you notice it constantly increasing (especially with ICMP entries), then purge it out with the " clear ip nat trans * " command.

Upgrade your IOS to the latest version and scan your network for viruses....
 
Upvote 0 Downvote
Apply this access-list to Ethernet :
access-list 121 deny icmp any any echo
access-list 121 deny udp any any eq netbios-dgm
access-list 121 deny udp any any eq netbios-ns
access-list 121 deny udp any any eq netbios-ss
access-list 121 deny tcp any any eq 135
access-list 121 deny udp any any eq 135
access-list 121 deny tcp any any eq 136
access-list 121 deny udp any any eq 136
access-list 121 deny tcp any any eq 137
access-list 121 deny tcp any any eq 138
access-list 121 deny tcp any any eq 139
access-list 121 deny tcp any any eq 445
access-list 121 deny udp any any eq 445
access-list 121 deny tcp any any eq 593
access-list 121 deny udp any any eq 593
access-list 121 deny tcp any any eq 4444
 
Upvote 0 Downvote
VladJ... you forgot the access-list 121 permit ip any any at the end :)
 
Upvote 0 Downvote
Are you doing NAT or PAT??? Network Address Translation versus Port Address Translation. If you're PAT, how many devices sit behind the firewall???
 
Upvote 0 Downvote
I would turn Flow switching and see if there is one or more addresses that appear to be infected , you can look at all the ip flows by doing a show ip route-cache flow .
 
Upvote 0 Downvote
I would also decrease the NAT timeouts... that wont only decrease overall memory usage from the NAT pool but also be less of a load overall on the router's processor. Saying that, there will be spikes in the CPU processes when the NAT entries expire and get refreshed but like I said, overall it will be lower.
 
Upvote 0 Downvote
Can you get a show ver, show mem sum, show buffers and show proc cpu? It could be a slow memory leak on the existing ios regardless of the process which calls for memory.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
106
madwok
madwok
Luzbel
  • Locked
  • Question
Connecting HVAC controller to network
Replies
0
Views
75
Luzbel
Luzbel
WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat
Replies
1
Views
89
BIS
BIS
PThomp3344
  • Locked
  • Question
Trying to connect to Cisco Unified Controller web interface: UC520W-16U-4FXO-K9
Replies
1
Views
93
bdk76
bdk76
quazimotto
  • Locked
  • Question
Cisco ASA_5505 VPN to Juniper_SRX210 VPN IS UP_ No Traffic!!!!!!
Replies
0
Views
42
quazimotto
quazimotto

Part and Inventory Search

Sponsor

Back
Top