cidDUMP Crash


CID DUMP Crash 2811 ISR Router - IPS Module

Before going through below verify  that the module is configured for fail-open:

Sh run int ids-sensor 0/1
interface IDS-Sensor0/1
 ip unnumbered FastEthernet0/0
 service-module fail-open – failover
 hold-queue 60 out

The license key on the AIM-IPS has expired.
The system will continue to operate with the currently installed
signature set. A valid license must be obtained in order to apply
signature updates. Please go to http://www.cisco.com/go/license
to obtain a new license or install a license.
Error: Cannot communicate with mainApp (getVersion). Please contact your system administrator.
Would you like to run cidDump?[no]:


This will happen when the sensor cannot communicate correctly with the operating system that is running. Running a cidDump will give you a lot of information regarding the state of the IPS module just like that of ‘show tech-support’

Router#service-module ids-Sensor 0/1 reload -  Reloading of the module will do a soft restart of the operating system on the module to try and bring it back up
Do you want to proceed with reload?[confirm]
Trying to reload Service Module IDS-Sensor0/1.
changing state from: SERVICE_MODULE_STATE_STDY to SERVICE_MODULE_STATE_SHDN


Router#service-module ids-Sensor 0/1 status – Check the status of the module after a reload
Service Module is Cisco IDS-Sensor0/1
Service Module supports session via TTY line 258
Service Module is failed  - Eventually it will either come back in the Failed State or Steady State
Service Module heartbeat-reset is enabled
Service Module is in fail open
Service Module status is not available

Router#service-module ids-Sensor 0/1 reload – With the failed above try to reload one more time to get a response from the OS.
Do you want to proceed with reload?[confirm]
Trying to reload Service Module IDS-Sensor0/1.
changing state from: SERVICE_MODULE_STATE_FAIL to SERVICE_MODULE_STATE_SHDN

Router#service-module ids-Sensor 0/1 status
Service Module is Cisco IDS-Sensor0/1
Service Module supports session via TTY line 258
Service Module is trying to recover from reset/shutdown – You will see that the module is trying to recover and load the operating system back for the sensor to be accessible.
Service Module heartbeat-reset is enabled
Service Module is in fail open
Service Module status is not available








Router#service-module ids-Sensor 0/1 status – The module comes back in failed state again so
Service Module is Cisco IDS-Sensor0/1
Service Module supports session via TTY line 258
Service Module is failed
Service Module heartbeat-reset is enabled
Service Module is in fail open
Service Module status is not available



Router#service-module ids-Sensor 0/1 shutdown  - Do a complete shutdown of the hardware / OS because the module was unresponsive
Do you want to proceed with shutdown?[confirm]
Service module is not in steady state: shutdown may not work! proceed?[confirm]
Use service module reset command to recover from shutdown.

WARNING: Confirm that the service-module status shows 'is Shutdown' before removing the module or powering off the system !
changing state from: SERVICE_MODULE_STATE_FAIL to SERVICE_MODULE_STATE_HALT

Router#service-module ids-Sensor 0/1 status – Check status to make sure shutdown occurred
Service Module is Cisco IDS-Sensor0/1
Service Module supports session via TTY line 258
Service Module is Shutdown 
Service Module heartbeat-reset is enabled
Service Module is in fail open
Service Module status is not available


Router#service-module ids-Sensor 0/1 reset – Reset the module will bring up the hardware and OS after a complete shutdown. If you do a reset BEFORE shutdown you have the potential of losing all configurations and corrupting the OS completely.  If you do the reset after as should only unsaved configurations will be wiped.
Use reset only to recover from shutdown or failed state
Warning: May lose data on the the NVRAM, nonvolatile file system or unsaved configuration!
Do you want to reset?[confirm]
Trying to reload Service Module IDS-Sensor0/1.
changing state from: SERVICE_MODULE_STATE_HALT to SERVICE_MODULE_STATE_ERRQ


Router#service-module ids-Sensor 0/1 status – Check status for recovery
Service Module is Cisco IDS-Sensor0/1
Service Module supports session via TTY line 258
Service Module is trying to recover from error
Service Module heartbeat-reset is enabled
Service Module is in fail open
Service Module status is not available

Router#service-module ids-Sensor 0/1 status – Check status again to see if the state is failed or steady
Service Module is Cisco IDS-Sensor0/1
Service Module supports session via TTY line 258
Service Module is in Steady state –
Service Module heartbeat-reset is enabled
Getting status from the Service Module, please wait..

Cisco Systems Intrusion Prevention System Network Module – The following information will show up when the state is back.
  Software version:  7.0(1)E3
  Model:             AIM-IPS
  Memory:            443504 KB
  Mgmt IP addr:      5.5.5.5
  Mgmt web ports:    443
  Mgmt TLS enabled:  true

Try logging into MGMNT IP of the IPS Module  now and you should be back to the regular prompt.

***LICENSE NOTICE***
The license key on the AIM-IPS has expired.
The system will continue to operate with the currently installed
signature set.  A valid license must be obtained in order to apply
signature updates.  Please go to http://www.cisco.com/go/license
to obtain a new license or install a license.

2811_IPS#


Comments

  1. AnonymousFebruary 16, 2015 at 11:03 PM

    Excellent info!!! just what I needed.... thanks a lot!!!

    ReplyDelete

Post a Comment

Popular posts from this blog

HULC LED PROCESS - 3750 High CPU

Image
If you're looking at a switch and you see the HULC LED Process running high. The HULC LED process does some of the following tasks: 1. Check link status on every port 2. If the switch supports POE, it checks to see if there is a power device 3. Transceiver checks 4. Fan status updates 5. Set LED ports 6. Check on temperature status Overall the HULC LED Process is a monitoring process running. During looking into this I turned off all non-used ports since it checks the link status. Then I made sure the environment was good. Two Cisco Bugs: http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsi78581 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtn42790
Read more

Cisco Tomcat High CPU Utilization 99 percent

Image
So a client was experience slow web interface usage to their calling node. As well RTMT was shooting off the alert. The alert is for Call Process CPU Node Pegging.  The culprit tomcat! Cisco Tomcat Service -  In enterprise edition this is a web server service. In the business edition (BE Servers) this uses the web server and unity utilizes the service as well. Log in to each call manager node and issue the following command: show process load cpu **OUTPUT** top - 08:55:48 up 340 days, 4:03, 1 user, load average: 4.64, 3.25, 2.98  Tasks: 142 total, 2 running, 140 sleeping, 0 stopped, 0 zombie  Cpu(s): 16.3%us, 3.4%sy, 0.0%ni, 80.1%id, 0.1%wa, 0.0%hi, 0.2%si, 0.0%st  Mem: 4016964k total, 3856400k used, 160564k free, 29904k buffers  Swap: 2064280k total, 1664k used, 2062616k free, 598124k cached  PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND  8065 tomcat 25 0 2317m 1.9g 22m S 99.4 50.4 358084:37 tomcat  1 root 15 ...
Read more