Symptom
On a Cisco switch running an affected version, we noticed a memory leak in the fed main event process.
Conditions
An application-based QoS policy is enabled on interfaces where NBAR is not enabled and neither an AVC NetFlow monitor nor SD-AVC is configured.
Platforms affected: Cat9200, Cat9300, Cat9400 (also Cat3K running 16.x.x)
Workaround
There are 3 options:
1. Disable auto-learn using the following commands (use "service internal" if you are not able to see the options):
no ip nbar classification auto-learn top-hosts
no ip nbar classification auto-learn top-ports
no ip nbar classification auto-learn top-asymmetric-socket
2. Enable protocol-discovery on all interfaces that have NBAR QoS. This adds another consumer and hides the auto-learn issue.
3. Enable an application-based NetFlow monitor on all interfaces that have NBAR QoS.
Option #1 (disabling auto-learn) is suggested if neither NBAR protocol-discovery nor an AVC NetFlow monitor is needed.
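The conditions above, and whether workaround option 2 or 3 is already in place, can be checked against a saved running-config. The Python script below is an added example, not Cisco's code: it assumes an application-based QoS policy is a policy-map whose classes use "match protocol", treats any "ip flow monitor" on the interface as an application-based monitor, and does not check SD-AVC or the software version. The sample configuration is constructed.

```python
# Constructed running-config excerpt for illustration (not from the bug report).
SAMPLE_CONFIG = """\
class-map match-any VOICE-APPS
 match protocol rtp
class-map match-any MGMT
 match access-group name MGMT-ACL
policy-map APP-QOS
 class VOICE-APPS
  set dscp ef
policy-map ACL-QOS
 class MGMT
  set dscp cs2
interface GigabitEthernet1/0/1
 service-policy input APP-QOS
interface GigabitEthernet1/0/2
 service-policy input APP-QOS
 ip nbar protocol-discovery
interface GigabitEthernet1/0/3
 service-policy input ACL-QOS
interface GigabitEthernet1/0/4
 ip flow monitor AVC-MON input
 service-policy output APP-QOS
"""

def sections(config):
    """Split an IOS config into {top-level line: [indented child lines]}."""
    out, current = {}, None
    for line in config.splitlines():
        if line and not line[0].isspace():
            current = line.strip()
            out[current] = []
        elif current and line.strip():
            out[current].append(line.strip())
    return out

def exposed_interfaces(config):
    """Interfaces with an NBAR-matching QoS policy and no other NBAR consumer."""
    sec = sections(config)
    # Assumption: "match protocol" in a class-map marks it as application-based.
    nbar_classes = {h.split()[-1] for h, b in sec.items() if h.startswith("class-map ")
                    and any(l.startswith("match protocol ") for l in b)}
    nbar_policies = {h.split()[-1] for h, b in sec.items() if h.startswith("policy-map ")
                     and any(l.startswith("class ") and l.split()[1] in nbar_classes for l in b)}
    # Workaround 2 (protocol-discovery) or 3 (flow monitor) present on the interface.
    consumers = ("ip nbar protocol-discovery", "ip flow monitor ")
    return [h.split()[1] for h, b in sec.items() if h.startswith("interface ")
            and {l.split()[-1] for l in b if l.startswith("service-policy ")} & nbar_policies
            and not any(l.startswith(consumers) for l in b)]

if __name__ == "__main__":
    print(exposed_interfaces(SAMPLE_CONFIG))
```

An interface reported here still needs its flow record checked by hand if a monitor is attached elsewhere, since the script only looks at per-interface lines.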
Fixed software versions: 16.12.3, 16.9.6 onwards
Further Problem Description