Is this normal CPU% on FWSM

Unanswered Question
Jan 31st, 2008

I got a 6506-e with fwsm module.

I get around 80 connections per sec, mainly UDP.

The proc is constantly at 20-22%

Is this normal for these connections?

How do I troubleshoot this?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
excession Thu, 01/31/2008 - 10:17

I'm not sure if it is normal.

Please take 3 outputs of "show proc" each 60 seconds appart and post.

Also if possible please post "show run" without sensitive information? What type of traffic are you inspecting?

If you do a "show pc conn" what connections do you see? Is there one type of traffic in particular? Again if possible post the output here?

pallette Fri, 02/01/2008 - 12:26

Is this FWSM running in single or multiple context mode?

cisconoobie Sun, 02/10/2008 - 11:20

I fixed the problem.

There were about 80 DNS UDP requests passing through the FWSM per second.

inspect DNS maximum-length 512 - was enabled and this killed the CPU%

I disabled DNS inspetion and CPU dropped to 0%

I'm happy that the problem is fixed but it sucks that the FWSM cant handle this inspection properly.


This Discussion