Tuesday, April 9, 2019

Cisco ASA 5585X Internal-Data0/1 interface errors

I have noticed the interface error counters going up on a Cisco ASA 5585 (SSP-20), especially overrun, but so far we haven't seen any production impact or issue. The error rate is low, so it's not noticeable, but I would like to track down what the issue could be.

asa/pri/act# show int detail | b Internal-Data0/1
Interface Internal-Data0/1 "", is up, line protocol is up
  Hardware is i82599_xaui rev01, BW 10000 Mbps, DLY 10 usec
        (Full-duplex), (10000 Mbps)
        Input flow control is on, output flow control is off
        MAC address 0000.0001.0002, MTU not set
        IP address unassigned
        1647603170965 packets input, 997527140937135 bytes, 0 no buffer
        Received 864639959 broadcasts, 0 runts, 0 giants
        16931212 input errors, 0 CRC, 0 frame, 16931212 overrun, 0 ignored, 0 abort
        0 pause input, 0 resume input
        0 L2 decode drops, 0 demux drops
        1384367635589 packets output, 843565440564127 bytes, 111 underruns
        0 pause output, 0 resume output
        0 output errors, 0 collisions, 1 interface resets
        0 late collisions, 0 deferred
        0 output decode drops
        0 input reset drops, 0 output reset drops
        Queue Stats:
                RX[00]: 422029984108 packets, 255396173038299 bytes, 15836342 overrun
                        Blocks free curr/low: 511/112
                RX[01]: 407016123288 packets, 245899431598039 bytes, 269316 overrun
                        Blocks free curr/low: 511/168
                RX[02]: 413500421902 packets, 253352037908193 bytes, 566063 overrun
                        Blocks free curr/low: 511/264
                RX[03]: 405056641781 packets, 242879498449889 bytes, 259491 overrun
                        Blocks free curr/low: 511/189
                TX[00]: 330190721654 packets, 199847247773742 bytes, 0 underruns
                        Blocks free curr/low: 508/121
                TX[01]: 338943972803 packets, 207641035134472 bytes, 0 underruns
                        Blocks free curr/low: 511/116
                TX[02]: 351032018606 packets, 213654237791772 bytes, 0 underruns
                        Blocks free curr/low: 510/250
                TX[03]: 334102657656 packets, 196810495181007 bytes, 0 underruns
                        Blocks free curr/low: 510/90
                TX[04]: 0 packets, 0 bytes, 0 underruns
                        Blocks free curr/low: 511/511
                        Used by GigabitEthernet0/5
                TX[05]: 4 packets, 528 bytes, 0 underruns
                        Blocks free curr/low: 511/509
                        Used by TenGigabitEthernet0/9
                TX[06]: 4 packets, 528 bytes, 0 underruns
                        Blocks free curr/low: 511/510
                        Used by TenGigabitEthernet0/8
                TX[07]: 30112705950 packets, 25621895258706 bytes, 111 underruns
                        Blocks free curr/low: 511/0
                        Used by GigabitEthernet0/6
                TX[08]: 21 packets, 1180 bytes, 0 underruns
                        Blocks free curr/low: 511/510
                        Used by GigabitEthernet0/7
  Topology Information:
        This interface, a SSP Embedded NIC Port, is connected
        with Internal-Data0/3, a SSP Switch Uplink Port.
  Control Point Interface States:
        Interface number is 3
        Interface config status is active
        Interface state is active

We have multiple VLAN interfaces running on the ASA; some of them carry 400 Mbps and some carry 1 Gbps of traffic during peak. We are not using any special features like IPS/AVC or malware detection. This firewall is configured just for ACLs and to route traffic between multiple VLANs and isolate them.

I heard somewhere that the ASA has a limitation of 2 Gbps of throughput or data transfer. Does anyone know how to troubleshoot and find out what is causing the overruns? (Possibly a buffer overflow, but again I want to find out what is causing them.)
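
As a first step in tracking this down, the sketch below parses the RX ring lines of the output above, shows how the overruns are spread across the four rings, and checks that they sum to the interface-level counter. It is an added example, not part of the original post or any Cisco tooling; the function names are hypothetical and the sample lines are copied from the post's output.

```python
import re

# Lines copied from the "show int detail" output in this post (not constructed).
SAMPLE = """\
16931212 input errors, 0 CRC, 0 frame, 16931212 overrun, 0 ignored, 0 abort
RX[00]: 422029984108 packets, 255396173038299 bytes, 15836342 overrun
        Blocks free curr/low: 511/112
RX[01]: 407016123288 packets, 245899431598039 bytes, 269316 overrun
        Blocks free curr/low: 511/168
RX[02]: 413500421902 packets, 253352037908193 bytes, 566063 overrun
        Blocks free curr/low: 511/264
RX[03]: 405056641781 packets, 242879498449889 bytes, 259491 overrun
        Blocks free curr/low: 511/189
"""

# \s+ spans newlines, so this also matches the output when flattened to one line.
RING = re.compile(r"RX\[(\d+)\]:\s+(\d+) packets,\s+(\d+) bytes,\s+(\d+) overrun"
                  r"\s+Blocks free curr/low:\s+(\d+)/(\d+)")
IFACE = re.compile(r"\d+ input errors,.*?(\d+) overrun")

def parse_rx_rings(text):
    """Return one dict per RX ring found in the Queue Stats section."""
    keys = ("ring", "packets", "bytes", "overrun", "free_curr", "free_low")
    return [dict(zip(keys, map(int, m.groups()))) for m in RING.finditer(text)]

def summarize(text):
    """Per-ring share of overruns and overruns per million packets."""
    rings = parse_rx_rings(text)
    total = sum(r["overrun"] for r in rings)
    iface = IFACE.search(text)
    rows = [{"ring": r["ring"],
             "share_pct": round(100 * r["overrun"] / total, 2) if total else 0.0,
             "per_million": round(1e6 * r["overrun"] / r["packets"], 2)
                            if r["packets"] else 0.0,
             "free_low": r["free_low"]} for r in rings]
    return {"ring_total": total,
            # interface-level counter, to confirm the rings account for all overruns
            "iface_total": int(iface.group(1)) if iface else None,
            "rows": rows}

if __name__ == "__main__":
    s = summarize(SAMPLE)
    print("ring total", s["ring_total"], "interface total", s["iface_total"])
    for row in s["rows"]:
        print("RX[%02d] share=%6.2f%% overruns/M pkts=%7.2f free_low=%d" %
              (row["ring"], row["share_pct"], row["per_million"], row["free_low"]))
```

Running the same summary over two captures taken a known interval apart and subtracting the counters gives an overrun rate per ring instead of a lifetime total.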


