PIX Interface Counters

Unanswered Question
Sep 6th, 2007

I am looking at my PIX interface counters to see if I have any problems on the interfaces. I notice that some of the interfaces have values in the No buffer, Overrun, Underrun and Dropped packets.

I assume the dropped packets are those dropped due to the firewall rules.

With the no buffer, overrun and underrun I know these are all to do with the PIX and the Interfaces performance. Can someone please explain what is causing these counters and therefore what problem there may be. An example from my worst interface is copied below.

Thanks,

Paul

Result of the command: "sh int g0"

Interface GigabitEthernet0 "", is up, line protocol is up

Hardware is i82543 rev02, BW 1000 Mbps

(Full-duplex), 1000 Mbps(1000 Mbps)

Available but not configured via nameif

MAC address 000e.0c2b.b71a, MTU not set

IP address unassigned

65487795 packets input, 18953217272 bytes, 191025 no buffer

Received 17869 broadcasts, 0 runts, 0 giants

0 input errors, 0 CRC, 0 frame, 118436 overrun, 0 ignored, 0 abort

0 L2 decode drops

51933187 packets output, 19223644042 bytes, 0 underruns

0 output errors, 0 collisions

0 late collisions, 0 deferred

input queue (curr/max blocks): hardware (0/0) software (0/0)

output queue (curr/max blocks): hardware (0/255) software (0/0)

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2 (2 ratings)
Loading.
amritpatek Wed, 09/12/2007 - 08:21

I don't find any error in the interface. The counters are increasing because of normal traffic flow. For examle "packets input" counter will increase when a new packet is received on the interface. All the counters that indicate any error are showing 0. For example "input errors" counter will increase if a packet is received on an interface but it is unreadable, likewise the "CRC" counter will increase if the packet does not pass the CRC check.

rajbhatt Sun, 09/16/2007 - 21:24

Hi,

There is some problem with the overruns .

Plz clear the counters and see if it keeps on increasing :

Overrun

The number of times that the security appliance was incapable of handing received data to a hardware buffer because the input rate exceeded the security appliance capability to handle the data.

Plz check this link for more details :

http://www.cisco.com/en/US/docs/security/asa/asa70/command/reference/s.html

Raj

Actions

This Discussion