1811 Router Issue

Unanswered Question
Apr 10th, 2007

I have recently installed an 1811 to handle a new, 16MB internet connection from our SP. They come to me off an 8510, hit my fa/0 on the 1811, then I have another, public address on my interface that goes and hits a port on the 3560.

I configured a layer 2 vlan (vlan9)for this purpose, and assigned it to that port. Up in my core room, I have a trunk on my management vlan that goes to a 2950, and have 7 vlan9 ports.

Off those vlan9 ports are a number of devices that require, and have, public addresses, so that's working fine. There is also a PIX firewall off one of the vlan9 ports.

My problem is this, every 7-10 hours the 1811 just locks up. No getting in it to either address, and all of my internet traffic stops. As soon as I power-cycle it, everything comes back.

Could I be looking at something as simple as hardware failure (Need to replace the 1811), or is there something that would happen 2 or 3 a day that could be causing this?

Any help is much appreciated, and I can provide any "show" commands needed.

TIA for any help

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
haroon.shaikh Tue, 04/10/2007 - 18:29


I had an 1700 series router which had similar problems (it used to stop doing NAT after couple of hours and restart would solve the issue) I checked almost everything but didnt find anything. Atlast, I upgraded the router's IOS and it solved the problem.

Is it running any kind of NAT? Is it running inspection or firewall? Also, can you tell me what IOS version is it running?

Richard Burts Tue, 04/10/2007 - 18:50

The symptoms described by Kyle might be a hardware problem, but it seems to me to more likely be a software problem. Therefore the suggestion by Haroon to upgrade code may have some validity.

These symptoms of running for some period of time, having a problem which is resolved by reboot frequently are the result of a memory leak. It would be interesting to do show commands over a period of time that would allow you to see how much memory is free memory. If the amount of free memory declines over time then it certainly does sound like a memory leak.

If you have a service contract on this router it might be worth while to open a case with Cisco TAC about this. Otherwise I would plan to monitor memory usage, or plan for a software upgrade.



k.aumell Wed, 04/11/2007 - 17:20

Thanks to both of you for the ideas. Had to take today off on an emergency, so I'm not real sure what happened today, other than a reboot I received notice on around 6:00a, about 10 hours after the last.

No NAT, no inspection, no firewall turned on. Another device on the network (PIX) is supplying NAT.

IOS is Version 12.4(6)T2,


I can update at anytime, as curing the porpoising (sp?) is high on my list.

I figured if replacing the hardware won't fix it, I'll open a TAC.

We'll see what happens.

haroon.shaikh Tue, 04/10/2007 - 18:57

Yes, that's right. Checking for memory leaks would also be a very good idea.

haroon.shaikh Wed, 04/11/2007 - 17:54

I think you should do a Google search on how to check Cisco Routers for Memory Leak issue.

If you think that memory leak is not the problem then, I would probably recommend upgradig Cisco IOS and even if it doesnt solves the problem, then Cisco TAC is the answer.

But still, I would prefer IOS Upgrade first rather than memory leak if this issue is of priority.

Good Luck

* Please rate if it helps

milan.kulik Wed, 04/11/2007 - 22:59


it could also be a CPU overload causing your trouble.

Use sh proc cpu and sh proc cpu his to check the CPU load.

Best regards,

Milan Kulik

k.aumell Thu, 04/12/2007 - 09:54

OK. CPU use looks normal.

Did an IOS upgrade to 12.4(11)T1.

My memory use (using monitor in SDM) has been consistently creeping up. It looks like its gone up from about 55% at noon to 63% now.

Any ideas how to fix it, or if I should open a TAC.

Richard Burts Thu, 04/12/2007 - 13:10

If you have changed to new IOS and the memory still seems to be increasing, then I believe that you should open a TAC case.



k.aumell Thu, 04/12/2007 - 14:52


My own stupidity.

Opened a TAC case, they saw it in like 2 seconds, as I'm sure some of you would have.

Default route was fa0, so I had a 58M and growing ARP.

Changed to using the next hop address rather than fa0, and all is well.

Thanks again to all who tried to help as I overlooked a rookie mistake.

Richard Burts Thu, 04/12/2007 - 17:36

Good catch by the TAC engineer. There have been several threads on the forum discussing the implications of having a static route point to a LAN interface. This is an excellent example of why to not point a static route (especially a default route) to a LAN interface.

Thanks for updating this thread indicating the solution to your problem. It makes the forum more useful when people can read about a problem and can read about what solved the problem.

I encourage you to continue your participation in the forum.



haroon.shaikh Thu, 04/12/2007 - 18:01

Ha ha ha...

Great, this was funny, nobody thought about this...

As in Forrest Gump says, IT HAPPENS....


This Discussion