Symptom
SNMP OID discovery process of many NMS tools hit upon a known caveat/limitation that results in ASA or FTD/LINA CPU Hogs when the Global-shared pool in LINA is walked.
Multiple Customers doing an SNMPwalk or SNMPgetbulk run into the above issue, and have been requesting to somehow bypass these OIDs by default.
Releases with this fix in place will (whether during a fresh install or software upgrades) will have the negative form of the command enforced or applied:
"no snmp-serv enable oid mempool"
Conditions
SNMP polling for individual mempool on FTD
Workaround
On ASA
Configure the command manually:
no snmp-serv enable oid mempool
On Firepower/ FTD
Create and deploy using Flexconfig the following command to the impacted sensor(s) without the double-quotes:
"no snmp-serv enable oid mempool"
NOTE: Use the contraction form of "snmp-serv" command instead of "snmp-server", otherwise FMC will prevent the command to be pushed due to Flexconfig filtering code. The contraction form is not intercepted, applied to the sensor(s) and converted to the full form of the command.
Further Problem Description
