Killing stuck process

Arista:
# bash
$ ps -ef | grep -i Stp
$ sudo kill PID

CheckPoint:
ps -auxww  Report all active processes in the kernel; zombie processes can be seen with this command (state Z)
You must first identify the parent process of these zombies:
ps -l -p <pid of zombie>
pidof fwd (splat)
pgrep -l sshd   Find the PIDs of processes by (part of) name
ps axjf              Show processes in tree format; the parent PID is also visible
pmap PID       Memory map of process (good for hunting memory leaks)
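
Added example, not part of the original page: a zombie is already dead and does not react to signals, so the process to act on is the parent that has not reaped it. The function below lists each zombie with its parent from `ps -eo pid,ppid,stat,comm` output; the sample table and the process name fw_worker are constructed.

```shell
#!/bin/sh
# Map every zombie (STAT starting with Z) to its parent process.
# Input: output of `ps -eo pid,ppid,stat,comm`, header line included.
zombie_parents() {
    awk '
        NR == 1 { next }                 # skip the header line
        { comm[$1] = $4 }                # remember each command by PID
        $3 ~ /^Z/ { zpid[++n] = $1; zppid[n] = $2; zcomm[n] = $4 }
        END {
            for (i = 1; i <= n; i++) {
                p = zppid[i]
                parent = (p in comm) ? comm[p] : "unknown"
                printf "zombie=%s(%s) parent=%s(%s)\n", zpid[i], zcomm[i], p, parent
            }
        }'
}

# Constructed sample, not captured from a real device.
sample_ps() {
cat <<'EOF'
  PID  PPID STAT COMMAND
    1     0 Ss   init
  812     1 Ss   sshd
 2301     1 Sl   fwd
 2410  2301 Z    fw_worker
 2411  2301 Z    fw_worker
 2502   812 Ss   sshd
EOF
}

# On a live Linux system: ps -eo pid,ppid,stat,comm | zombie_parents
sample_ps | zombie_parents
```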

Displaying the top 10 CPU-consuming processes (% of total usage)
ps aux | head -1; ps aux | sort -rn -k3 | head -10
Displaying the processes in order of real memory use
ps vx | head -1 ; ps vx | grep -v PID | sort -rn -k7 | head -10

Displaying the processes monitored by the watchdog (CPWD) for (CPD,FWM,FWD)
cpwd_admin list
******************************************************
Kill a Firewall process
kill -9 (pid of process)
fw kill [-t sig] proc_name
Example:
fw kill -t 9 fwm
A process can also be killed from the top command: press k, followed by the process PID

Cisco:
# show processes cpu sorted
# clear sockets PID

F5
# ps ax | grep -i sshd
# kill -9 PID

Fortinet:
-check version
# fnsysctl cat /proc/version
Linux version 2.4.37 (root@build) #1 Mon Dec  4 20:51:05 UTC 2017
-check running daemon
# fnsysctl ls /var/run
alertmail.pid       authd.pid           bgpd.pid
cmdbsvr.pid         cw_acd.pid          daemon.pid
dhcpd.pid           dnsproxy.pid        eap_proxy.pid
fclicense.pid       fcnacd.pid          fgfmd.pid
fnbamd.pid          foauthd.pid         forticldd.pid
forticron.pid       fsvrd.pid           httpclid.pid
httpd.pid           iked.pid            imi.pid
init.pid            ipsengine.pid       ipsmonitor.pid
isisd.pid           kmiglogd.pid        merged_daemons.pid
miglogd000.pid      miglogd001.pid      nsm.pid
ntpd.pid            ospf6d.pid          ospfd.pid
pdmd.pid            pim6d.pid           pimd.pid
pyfcgid.pid         ripd.pid            ripngd.pid
snmpd.pid           sshd.pid            stpd.pid
telnetd.pid         updated.pid         uploadd.pid
wpad.pid            zebos_launcher.pid
-check running PID
# fnsysctl ps
PID       UID     GID     STATE   CMD
1         0       0       S       /bin/initXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
2         0       0       S       [keventd]
3         0       0       S       [ksoftirqd_CPU0]
4         0       0       S       [kswapd]
5         0       0       S       [bdflush]
6         0       0       S       [kupdated]
7         0       0       S       [memoryd]
8         0       0       S       [khubd]
12        0       0       S       [usb-storage-0]
13        0       0       S       [scsi_eh_0]
31        0       0       S       [mvl_link]
32        0       0       S       /bin/cmdbsvr
38        0       0       S       /bin/zebos_launcher
39        0       0       S       /bin/nsm -L 2
40        0       0       S       /bin/ripd -L 2
41        0       0       S       /bin/ripngd -L 2
42        0       0       S       /bin/ospfd -L 3
43        0       0       S       /bin/ospf6d -L 2
44        0       0       S       /bin/bgpd -L 3
45        0       0       S       /bin/isisd -L 2
46        0       0       S       /bin/pimd -L 2
47        0       0       S       /bin/pim6d -L 2
48        0       0       S       /bin/pdmd -L 2
49        0       0       S       /bin/imi -L 2
50        0       0       S       /bin/uploadd
51        0       0       S       /bin/miglogd
52        0       0       S       /bin/kmiglogd
53        0       0       S       /bin/httpsd
55        0       0       S       /bin/getty
56        0       0       S       /bin/ipsmonitor
59        0       0       S       /bin/merged_daemons
60        0       0       S       /bin/fnbamd
61        0       0       S       /bin/fclicense
62        0       0       S       /bin/ipshelper
63        0       0       S       /bin/forticron
64        0       0       S       /bin/forticldd
65        0       0       S       /bin/authd
66        0       0       S       /bin/foauthd
67        0       0       S       /bin/httpclid
68        0       0       S       /bin/iked
69        0       0       S       /bin/updated
70        0       0       S       /bin/snmpd
71        0       0       S       /bin/dhcpd
72        0       0       S       /bin/miglogd 1
73        0       0       S       /bin/ntpd
74        0       0       S       /bin/sshd
75        0       0       S       /bin/telnetd
78        0       0       S       /bin/alertmail
79        0       0       S       /bin/dnsproxy
80        0       0       S       /bin/eap_proxy
81        0       0       S       /bin/fgfmd
82        0       0       S       /bin/cw_acd
83        0       0       S       /bin/wpad_ac
84        0       0       S       /bin/stpd
85        0       0       S       /bin/fsvrd
87        0       0       S       /bin/fcnacd
92        0       0       S       /bin/httpsd
93        0       0       S       /bin/httpsd
94        0       0       S       /bin/httpsd
510       0       0       S       /bin/pyfcgid
512       0       0       S       /bin/pyfcgid
513       0       0       S       /bin/pyfcgid
514       0       0       S       /bin/pyfcgid
553       0       0       S       /bin/sshd
554       0       0       S       /bin/newcli
556       0       0       R       ps

-you can use diag to show the top 100 processes by resource usage with a 25s refresh delay, but the list is not as comprehensive as "fnsysctl ps" above
# diag sys top 25 100
Run Time:  0 days, 8 hours and 15 minutes
0U, 0N, 0S, 100I; 499T, 253F
         pyfcgid      510      S       0.0     5.1
         pyfcgid      512      S       0.0     5.0
         pyfcgid      513      S       0.0     5.0
         pyfcgid      514      S       0.0     5.0
         cmdbsvr       32      S       0.0     5.0
          httpsd       94      S       0.0     4.7
          httpsd       93      S       0.0     4.7
          httpsd       53      S       0.0     4.1
          cw_acd       82      S       0.0     4.0
          httpsd       92      S       0.0     3.9
       forticron       63      S       0.0     3.3
         miglogd       51      S       0.0     3.3
          newcli      560      R       0.0     3.1
          newcli      554      S       0.0     3.1
           fgfmd       81      S       0.0     3.0
       ipshelper       62      S <     0.0     2.5
          fcnacd       87      S       0.0     2.4
           authd       65      S       0.0     2.3
            iked       68      S       0.0     2.2
       eap_proxy       80      S       0.0     2.2

-for example we want to check dhcp PID
# fnsysctl more /var/run/dhcpd.pid
71
-to kill dhcpd
# diag sys kill 9 71
or
# fnsysctl kill -9 71
-to disable dhcpd service
# config sys dhcp server
# edit 1
# set status dis
-to enable back
# set status ena

HP:

Juniper:
> show system processes extensive
last pid: 16727; load averages: 22.24, 22.19, 22.15 up 0+17:39:34 01:26:10
265 processes: 28 running, 215 sleeping, 1 zombie, 21 waiting
Mem: 970M Active, 128M Inact, 147M Wired, 230M Cache, 112M Buf, 386M Free
> start shell
% top
last pid: 37244; load averages: 0.04, 0.03, 0.00 up 16+16:18:49 09:19:44
52 processes: 1 running, 51 sleeping, 1 zombie, 21 waiting
CPU states: 2.5% user, 0.0% nice, 0.6% system, 0.3% interrupt, 96.6% idle
Mem: 429M Active, 69M Inact, 59M Wired, 165M Cache, 110M Buf, 258M Free
The PID can be identified from the CLI or from the top command; to list processes in state Z (zombie) from the shell:
% ps aux | grep -w Z
Pid=16396
Pid=13256
-to kill target PID
# kill -9 16396

Mikrotik:

PaloAlto:
Sangfor:

SonicWall:

Sophos:

Multi-Chassis Link Aggregation (MLAG)

SW1
hostname SW1
vlan 30
vlan 4094
  trunk group mlagpeer
interface Port-Channel3
  switchport mode trunk
  mlag 3
interface Port-Channel4
  switchport mode trunk
  mlag 4
interface Port-Channel10
  switchport mode trunk
  switchport trunk group mlagpeer
interface Ethernet1
  channel-group 10 mode active
interface Ethernet2
  channel-group 10 mode active
interface Ethernet3
  channel-group 3 mode active
interface Ethernet4
  channel-group 4 mode active
interface Vlan4094
  no autostate
  ip address 12.0.0.1/30
mlag configuration
  domain-id mlag1
  local-interface Vlan4094
  peer-address 12.0.0.2
  peer-link Port-Channel10
end
wr

SW2
hostname SW2
vlan 30
vlan 4094
  trunk group mlagpeer
interface Port-Channel3
  switchport mode trunk
  mlag 3
interface Port-Channel4
  switchport mode trunk
  mlag 4
interface Port-Channel10
  switchport mode trunk
  switchport trunk group mlagpeer
interface Ethernet1
  channel-group 10 mode active
interface Ethernet2
  channel-group 10 mode active
interface Ethernet3
  channel-group 3 mode active
interface Ethernet4
  channel-group 4 mode active
interface Vlan4094
  no autostate
  ip address 12.0.0.2/30
mlag configuration
  domain-id mlag1
  local-interface Vlan4094
  peer-address 12.0.0.1
  peer-link Port-Channel10
end
wr

SW3
hostname SW3
no spanning-tree vlan 4094
vlan 30
interface Port-Channel3
  switchport mode trunk
interface Ethernet1
  switchport access vlan 30
interface Ethernet3
  channel-group 3 mode active
interface Ethernet4
  channel-group 3 mode active
end
wr

SW4
hostname SW4
no spanning-tree vlan 4094
vlan 30
interface Port-Channel4
  switchport mode trunk
interface Ethernet1
  switchport access vlan 30
interface Ethernet3
  channel-group 4 mode active
interface Ethernet4
  channel-group 4 mode active
end
wr

VERIFICATION
SW1#sh mlag
MLAG Configuration:
domain-id           :               mlag1
local-interface     :            Vlan4094
peer-address        :            12.0.0.2
peer-link           :      Port-Channel10
peer-config         :          consistent
MLAG Status:
state               :              Active
negotiation status  :           Connected
peer-link status    :                  Up
local-int status    :                  Up
system-id           :   52:00:00:cb:38:c2
MLAG Ports:
Disabled            :                   0
Configured          :                   0
Inactive            :                   0
Active-partial      :                   0
Active-full         :                   2

SW1# sh mlag interfaces detail
                                        local/remote
 mlag         state   local   remote    oper    config    last change   changes
------ ------------- ------- -------- ------- ---------- -------------- -------
    3   active-full     Po3      Po3   up/up   ena/ena    0:13:09 ago         4
    4   active-full     Po4      Po4   up/up   ena/ena    0:13:09 ago         4

SW1#sh lacp sys-id detailed
System Identifier used by LACP:
System priority: 32768
Switch MAC Address: 50:00:00:d7:ee:0b
  802.11.43 representation: 8000,50-00-00-d7-ee-0b
MLAG System-identifier: 52:00:00:cb:38:c2
  802.11.43 representation: 8000,52-00-00-cb-38-c2

SW2#sh mlag
MLAG Configuration:
domain-id           :               mlag1
local-interface     :            Vlan4094
peer-address        :            12.0.0.1
peer-link           :      Port-Channel10
peer-config         :          consistent
MLAG Status:
state               :              Active
negotiation status  :           Connected
peer-link status    :                  Up
local-int status    :                  Up
system-id           :   52:00:00:cb:38:c2
MLAG Ports:
Disabled            :                   0
Configured          :                   0
Inactive            :                   0
Active-partial      :                   0
Active-full         :                   2

SW2#sh mlag interfaces detail
                                        local/remote
 mlag         state   local   remote    oper    config    last change   changes
------ ------------- ------- -------- ------- ---------- -------------- -------
    3   active-full     Po3      Po3   up/up   ena/ena    0:14:28 ago         4
    4   active-full     Po4      Po4   up/up   ena/ena    0:14:28 ago         4

SW2#sh lacp sys-id detailed
System Identifier used by LACP:
System priority: 32768
Switch MAC Address: 50:00:00:cb:38:c2
  802.11.43 representation: 8000,50-00-00-cb-38-c2
MLAG System-identifier: 52:00:00:cb:38:c2
  802.11.43 representation: 8000,52-00-00-cb-38-c2

SW2#sh etherchannel detailed
Port Channel Port-Channel3 (Fallback State: Unconfigured):
  Active Ports:
       Port                Time became active       Protocol    Mode
    ------------------- ------------------------ -------------- ------
       Ethernet3           16:59:15                 LACP        Active
       PeerEthernet3       16:59:16                 LACP        Active
Port Channel Port-Channel4 (Fallback State: Unconfigured):
  Active Ports:
       Port                Time became active       Protocol    Mode
    ------------------- ------------------------ -------------- ------
       Ethernet4           16:59:15                 LACP        Active
       PeerEthernet4       16:59:16                 LACP        Active
Port Channel Port-Channel10 (Fallback State: Unconfigured):
  Active Ports:
       Port            Time became active       Protocol    Mode
    --------------- ------------------------ -------------- ------
       Ethernet1       16:59:06                 LACP        Active
       Ethernet2       16:59:06                 LACP        Active
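
An added example (not from the original post or from Arista) that checks the status fields of the `sh mlag` output above on both peers, including that they report the same system-id. The function names and the degraded sample are assumptions made for illustration; the healthy sample is copied from the SW1 output.

```shell
#!/bin/sh
mlag_field() {  # $1 = `sh mlag` text, $2 = field name; prints the field value
    printf '%s\n' "$1" | awk -v key="$2" '
        { i = index($0, ":"); if (!i) next
          k = substr($0, 1, i - 1); v = substr($0, i + 1)
          gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
          if (k == key) { print v; exit } }'
}

mlag_check() {  # $1, $2 = `sh mlag` text from each peer; returns 1 on any problem
    rc=0
    for out in "$1" "$2"; do
        for want in "state=Active" "negotiation status=Connected" \
                    "peer-link status=Up" "local-int status=Up" \
                    "peer-config=consistent" "Active-partial=0"; do
            key=${want%%=*}; exp=${want#*=}
            got=$(mlag_field "$out" "$key")
            [ "$got" = "$exp" ] || { echo "$key: expected $exp, got ${got:-nothing}"; rc=1; }
        done
    done
    # Both peers must present one shared MLAG system-id to their LACP partners.
    [ "$(mlag_field "$1" system-id)" = "$(mlag_field "$2" system-id)" ] ||
        { echo "system-id differs between peers"; rc=1; }
    return $rc
}

sw1_mlag() {  # status lines copied from the SW1 output on this page
cat <<'EOF'
peer-config         :          consistent
MLAG Status:
state               :              Active
negotiation status  :           Connected
peer-link status    :                  Up
local-int status    :                  Up
system-id           :   52:00:00:cb:38:c2
MLAG Ports:
Active-partial      :                   0
Active-full         :                   2
EOF
}
# Constructed failure case: the same output with the peer link reported Down.
sw1_degraded() { sw1_mlag | sed 's/^\(peer-link status *: *\)Up/\1Down/'; }

mlag_check "$(sw1_mlag)" "$(sw1_mlag)" && echo "healthy pair: OK"
mlag_check "$(sw1_mlag)" "$(sw1_degraded)" || echo "degraded pair: flagged"
```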

Stackwise, VSS, VPC, MLAG

SOURCE:
https://supportforums.cisco.com/discussion/12367366/vss-vs-stackwise-vs-vpc

Stackwise:
This is a proprietary cabling mechanism and is limited by distance. The advantage of Stackwise over VSS is that you can add/stack around 9 devices in one go, whereas you can't do the same with VSS.

Another advantage is that stacking devices does not require any configuration, only that the device is supported.
Cisco StackWise technology unites up to nine individual switches into a single logical unit, using special stack-interconnect cables and stacking software. The individual switches can be any combination of Cisco Catalyst 3750 and Cisco Catalyst 3750-E Series Switches.

VSS (Virtual Switching System):
SOURCE:
http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-virtual-switching-system-1440/prod_qas0900aecd806ed74b.html

VSS can be done with the 4500 or 6500 series. It supports only two chassis, uses 10GE interfaces, and the chassis can be geographically separated.

VPC (Virtual PortChannel):
SOURCE:
http://www.cisco.com/c/en/us/products/collateral/switches/nexus-5000-series-switches/configuration_guide_c07-543563.html

It is a Nexus-specific technology and you can't configure it with other Catalyst switches.
This is the new technology wherein you can connect one switch (access) to two uplink switches (distribution switches) and form an EtherChannel between them. That's the good advantage of VPC, which none of the others have.

MLAG (Multichassis Link Aggregation):
SOURCE:
http://ethancbanks.com/2014/03/27/the-ethernet-switching-landscape-part-04-multichassis-link-aggregation-mlag/

Both Arista’s MLAG and Cisco’s vPC are similar to configure and operate, with similar concerns. In general, I found the Arista MLAG setup a bit easier, because many of the details are handled for the network operator when compared to the more granular fussiness of the vPC configuration.

MLAG is the ability of two and sometimes more switches to act like a single switch when forming link bundles. This allows a host to uplink to two switches for physical diversity, while still only having a single bundle interface to manage.

Also, two switches could connect to two other switches using MLAG, with all links forwarding.

For the access layer, when I have only 3750 stackable switches I can't do VSS or VPC on them, hence I would use stacking and connect them together to have a single access.

With 6500/4500 I would use VSS at the distribution layer to avoid much impact.
VPC is best, but you need to have Nexus devices if you want to use this feature.

Arista vEOS under VirtualBox in GNS3 1.2.1

Download Arista vEOS vmdk and Aboot-veos from https://www.arista.com/en/support/software-download

In my example these are Aboot-veos-2.1.0.iso and vEOS-lab-4.14.2F.vmdk

Set boot order to cd first
Set CD/DVD Drive as IDE Primary Slave
vEOS1:
login: admin
Last login: Tue Dec 16 12:48:19 on ttyS0
>en
#conf t
(config)#hostname vEOS1
(config)#int e1
(config-if-Et1)#no switchport
(config-if-Et1)#ip address 10.0.0.1/24
(config-if-Et1)#end
#wr
Copy completed successfully.
vEOS2:
login: admin
Last login: Tue Dec 16 12:48:19 on ttyS0
>en
#conf t
(config)#hostname vEOS2
(config)#int e1
(config-if-Et1)#no switchport
(config-if-Et1)#ip address 10.0.0.2/24
(config-if-Et1)#end
#wr
Copy completed successfully.
vEOS2#ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1) 72(100) bytes of data.
80 bytes from 10.0.0.1: icmp_req=1 ttl=64 time=94.3 ms