2960 Memory Leaks
Cisco 2960’s and their memory leaks have on more than one occasional left me without SSH/Telnet access, but still responding to SNMP requests. No matter which code base we have tried, the same pattern of memory usage over time can be seen. To be fair we ask a lot of these switches – we’re heavy uses of 802.1x, insist on using SSH rather than telnet, and have loads of smaller services such as DHCP snooping, RSTP, aaa accounting, ntp etc – each one uses a little memory.
Time to Reload
A handy feature is a SNMP oid which, if you have the read/write community, allows you to reboot a switch remotely if it is still responding to SNMP (which they usually do – even when telnet/ssh/console access isn’t working).
Most Linux distributions will have snmpset installed, but there are Windows equivalents of course.
snmpset -v1 -c your-rw-community-her 126.96.36.199 .188.8.131.52.184.108.40.206.9.9.0 i 2
Change your community string, and the IP address and run this sucker. I suggest keeping a ping running to the device so you can see if this has had the desired result, and so you can see when it’s back up and running again.
Long term Solution
We are in the process of looking to replace these switches which are fully EOL July 2017. I’m tempted to script up something to reload these out of hours when the memory usage is approaching that lose-ssh-access threshold.