Slow CLI Response 3560-24 12.2(50) SE1

Unanswered Question
Sep 17th, 2009

It takes about 5-10 seconds to execute any command via a telnet session to the switch. There is a redundant 3560-24 running the same IOS uplinked via the same GigE 2960G-24TT with no issue. The problem switch is actually less populated then the switch which is responding fine. I am using a AAA model for aaa pointing the same ACS server and it seems that the problem switch does not generate the packets destined for ACS to verify the user logged is allowed to execute each command for 5-10 seconds then there is an immediatte response to the switch from the ACS server. There is no duplex, congestion, CPU or memeory related issues on the problem and I could not find a bug which fits this problem.

1 26 WS-C3560-24TS 12.2(50)SE1 C3560-IPSERVICESK9-M

CPU utilization for five seconds: 6%/0%; one minute: 5%; five minutes: 5%

Processor Pool Total: 79089092 Used: 18573560 Free: 60515532

I/O Pool Total: 8380416 Used: 3578476 Free: 4801940

Driver te Pool Total: 1048576 Used: 40 Free: 1048536

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Peter Paluch Thu, 09/17/2009 - 12:19

Joseph,

As you have yourself stated, it is possible that there is a problem in communication between your switch and the ACS server. Is it possible for you to temporarily disable the AAA functions on the switch, best reverting to the "no aaa new-model" and seeing if the console starts responding promptly? If this little experiment succeeds then it would confirm your suspicion. It will then be necessary to focus on the reachability of the ACS server from your switch and checking for configuration/communication problems with the ACS.

Best regards,

Peter

joseph-foster Thu, 09/17/2009 - 12:22

I don't think it is a communication issue between the switches IP interface and the ACS server. Looking at a live sniffer, the switch does not seem to generate the packets for the duration of the lag once they are the command is executed. I am really leaning towrds an IOS and/or hardware related issue, the same aaa settings preside on the twin 3560's also, same management subnet and same path even to reach the ACS server.

Actions

This Discussion