Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
662
Views
0
Helpful
6
Replies

ACS 3.2 memory leak in CSAuth?

dmitry
Level 1
Level 1

‎11-18-2003 07:18 AM - edited ‎03-10-2019 07:34 AM

Hi,

I have a problem with ACS 3.2 and its CSAuth eating memory. There was a bug in the previous versions with the memory leak and according to the release notes the 3.2(1.20) should be free from it but seems like it is still there: in 12 hours of being up the memory consumption has done up from around 40Mb original to 400Mb. Eventually it will crash and be started again by CSMon

Does anybody else have this issue with the latest ACS or it is just something with the W2K config where the ACS is installed

Thanks

Labels:
0 Helpful
6 Replies 6

nikhil_m
Level 1
Level 1

‎11-24-2003 06:49 AM

I guess it is commor, I mean it consumes lot of Ram

0 Helpful

engel
Level 2
Level 2

‎11-24-2003 07:28 PM

Have you open a case to the TAC?

For reference, this may the bug that you mention.

Don`t know what a NAR mean.

CSCea19930 Bug Details

Release Notes

When NARs are configured for IP based filtering, a memory leak can occur in the CSAuth.exe process.

There is no workaround. To fix, a new version of ACS is required.

First Fixed-in Version 3.0(4.7), 3.1(2.9), 3.2(1.20)

0 Helpful

dmitry
Level 1
Level 1
In response to engel

‎11-26-2003 04:52 AM

The TAC case is opened and I spoke to the engineer, he said that ACS 3.2 is compatable with W2K SP3 but not the Hot Fixes. I have all the Hot Fixes (critical only) installed on the AAA box, so I deployed another box with W2K and no Hot Fixes in the lab. There is a script running on the box that telnets to a single test router every 0.5 min, the test router send authentication, authorization, accounting info to AAA. It has been running for 3 days now and there is still a small memory leak: the CSAuth started off from taking 14Mb of RAM, now it is up to 17Mb.

The production box authenticates around 100 routers, switchs, VPN boxes + CW2000 does its frequent polls authenticating via AAA

0 Helpful

engel
Level 2
Level 2
In response to dmitry

‎11-27-2003 06:51 PM

Thanks for the information. If the CSAuth eating the memory, then someday one needs to kill the process to release the area taken by the CSAuth. This is a problem for a production environment. I have a ACS Appliance (the hardware ACS), will like to test if this box has the leaking issue also.

Best Regards,

Engel

0 Helpful

dmitry
Level 1
Level 1
In response to engel

‎12-25-2003 03:31 PM

Cisco TAC engineer agreed that there might be a memory leak in ACS 3.2(1) in despite of cisco release notes statement about fixing this. He said that it should be fixed in 3.2(2).

Also there was another problem with the device groups and their use with NAR that was suppose to be fixed in 3.2 and it was not, so I had to define the network devices (clients) separately in the NAR and not by their device groups.

0 Helpful

t.waibel
Level 1
Level 1

‎07-08-2007 11:26 PM

Hi there,

we have 2 ACS appliances running

Cisco Secure ACS: 4.0.1.42

Appliance Management Software: 4.0.1.42

Appliance Base Image: 4.0.1.1

CSA build 4.0.1.543.2: (Patch: 4_0_1_543)

Last Reboot Time: Tue Jul 03 16:49:14 2007

and it seems that also this version is having a bug with memory leak.

We need to reboot the appliances every 4 weeks in case of low memory. the last reboot was at 07/03/07 and now we there are only 8MB free memory:

CPU Load Free Disk Free Physical Memory

0.00% 16.8 GB 8.00 MB

Does anybody know if there is a bug fix in version 4.1.x?

Thanks

Torsten Waibel

0 Helpful
Customers Also Viewed These Support Documents