IDSM-2 Missed Packet Percent

Unanswered Question
Apr 24th, 2008
User Badges:

We have two IDSM-2's in seperate Cat6 chassis. Each IDSM-2 misses approx 48 pc of traffic.


The sensor's are set in promisc mode, and currently monitor 12 vlan's at an average rate of 180 mps thorughput. This rate has been monitored via PRTG. Cisco advised for us to upgrade to the latest software versions but the problem persists. If we reset the modules then the problem goes away for about 1 hr.


Anyone got any ideas. I am thinking RMA, but am confused that it is doing it on both blades.


For further information we have 10 other IDSM-s in seperate chassis, which work fine.


Thanks,


Jon



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
attmidsteam Fri, 04/25/2008 - 08:41
User Badges:
  • Silver, 250 points or more

Do you know what the packet per second rate is? That might be killing the sensors more than the actual bits/sec bandwidth. Also, you might have to start disabling lots of signatures to keep the sensors up. I would open a TAC and make a stink about the rated performance.


Just so you know, most Cisco IDS devices do not perform at rated specs (we typically find they perform at about 1/3 of the 'marketing-specs' in the real world).


Good luck.

Actions

This Discussion