If you are running into switches being unresponsive and kicking users out that you may be running into a memory leak issue or memory spiking due to some fault that is causing the switch to cause a memory spike.
you can always run the “sh logging” command to see what is in the logs
if ¬†you see this error message “%AAA-3-ACCT_LOW_MEM_UID_FAIL: AAA unable to create UID for incoming calls due to insufficient processor memory” this means that “AAA” is causing some issues with memory spike
AAA, is an acronym for Authentication, Authorization, and Accounting. This allows an administrator to configure granular access and audit ability to an IOS device
A few signs that memory is being spiked are listed below
- ¬†You are not able to SSH into the switch
- Random users start having access issues within the same switch
- The switch port does not show any error messages
This usually starts when memory has gone over 85 % – different outcome for different Cisco switch models – in this case the error was being caused by a dynamic access list which was not configured correctly and kept spiking the memory –
You can also check the crash files if the switches crash for more details.
I would recommend using the Solarwind tools to monitor the switch memory performance and get alerts before the switch goes into that state. use this link provided¬† to download the free trial from¬† Solarwind monitoring tools
link for the bug and Cisco explanation in our case, this was due to the switch configured for Radius authentication with every port configured for 802.1x authentication with Cisco ISE
if you run into this type of error – I recommend that to call Cisco support to see what may be causing this in ¬†your case