Performance / Utilization

Unanswered Question
May 15th, 2009

When using a PIX firewall as your internet gateway, what is the best way to evaluate whether the inside interface (or any interface) is overloaded with too much traffic?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Collin Clark Fri, 05/15/2009 - 07:03

SNMP is probably the best way to monitor it long term.

Short term you can do a show interface and look at the statistics.

<font size="2"> </p><p>Interface Vlan1 "inside", is up, line protocol is up</p><p>  Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec</p><p>        MAC address 001b.d5fb.25c3, MTU 1500</p><p>        IP address 10.10.154.254, subnet mask 255.255.255.0</p><p>  Traffic Statistics for "inside":</p><p>        3401978104 packets input, 2265073547054 bytes</p><p>        3516423720 packets output, 1814495967447 bytes</p><p>        20823450 packets dropped</p><p>      1 minute input rate 121 pkts/sec,  125656 bytes/sec</p><p>      1 minute output rate 95 pkts/sec,  7389 bytes/sec</p><p>      1 minute drop rate, 0 pkts/sec</p><p>      5 minute input rate 178 pkts/sec,  183746 bytes/sec</p><p>      5 minute output rate 141 pkts/sec,  11178 bytes/sec</p><p>      5 minute drop rate, 0 pkts/sec

Hope that helps.

networker99 Fri, 05/15/2009 - 08:19

Thanks, but how do I know if there is too much traffic entering that interface.. I presume by dropped packets?.. how do you clear the counters on a PIX (6.3)

Collin Clark Fri, 05/15/2009 - 08:30

You'll have to do some math. Bytes in/out and the bandwidth of your line. SNMP will do this for you and present a graph. Here's a link that defines each line of the show interface.

http://www.cisco.com/en/US/docs/security/asa/asa81/command/ref/s3.html#wp1421795

AFAIK the only way to clear interface counters on a PIX is to reboot it.

Check this link for clear traffic. It might give you what you're looking for.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008009491c.shtml

ELIE IBRAHIM Mon, 05/18/2009 - 23:16

Is there any software or application that monitors inside users usage with history ?

Actions

This Discussion