LMS 3.2 netconfig poor performance

Advertisement
We are seeing timeouts, commands skipping, error message "command authorization failed' , and running very slow while running netconfig ad-hoc commands on 3750's
It seems that many of the problems occur with the interface range command.
We have aaa running on the 3750's and think that command authorization might be part of the problem, but smaller changes execute without problem.
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization config-commands
aaa authorization exec default group tacacs+ local
aaa authorization commands 1 default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
aaa accounting send stop-record authentication failure
aaa accounting update newinfo
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
Has anyone also encountered this type of issue?
thanks
Mark
Advertisement

Replay

It might be worth investigating why this is happening.  It could be due to network latency between the LMS and the AAA server.  You could measure this using an IP SLA TCP connect operation from one affected IOS device to the AAA server (on tcp/49).  While it won't measure the TACACS+ protocol itself, it will tell you how long the TCP handshake is taking.  After that, you could look at AAA server statistics to see if the server is too bogged down.  If you're using an external database, perhaps there is some latency there which can be fixed.
Please support CSC Helps Haiti
https://supportforums.cisco.com/docs/DOC-8895
https://supportforums.cisco.com