Cisco ASA5500 - "show traffic"

Unanswered Question

Can somebody tell me what does drop rate mean in "show traffic" command output? I looked up command reference document but that doesn't have any information. I am running 8.0.4 code.

1 minute input rate 1015 pkts/sec, 1063149 bytes/sec

1 minute output rate 1573 pkts/sec, 164636 bytes/sec

1 minute drop rate, 7 pkts/sec

5 minute input rate 0 pkts/sec, 0 bytes/sec

5 minute output rate 0 pkts/sec, 0 bytes/sec

5 minute drop rate, 0 pkts/sec

My question is, is drop rate because of buffer over flow, high traffic volume? OR simply because of firewall policy denying the packets? If its firewall policy that's dropping the packets, I am ok. Otherwise I would be concerned about the high drop rate.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Anonymous (not verified) Wed, 03/04/2009 - 07:59

I think these are the output of "show interface" command.

The explaination are as below:

Packets dropped - The number of packets dropped. Typically this counter increments for packets dropped on the accelerated security path (ASP), for example, if a packet is dropped due to an access list deny.

See the show asp drop command for reasons for potential drops on an interface.

1 minute input rate - The number of packets received in packets/sec and bytes/sec over the last minute.

1 minute output rate - The number of packets transmitted in packets/sec and bytes/sec over the last minute.

1 minute drop rate - The number of packets dropped in packets/sec over the last minute.

5 minute input rate -The number of packets received in packets/sec and bytes/sec over the last 5 minutes.

5 minute output rate -The number of packets transmitted in packets/sec and bytes/sec over the last 5 minutes.

5 minute drop rate - The number of packets dropped in packets/sec over the last 5 minutes.

Actions

This Discussion