Performance / Utilization

Unanswered Question
May 15th, 2009
User Badges:

When using a PIX firewall as your internet gateway, what is the best way to evaluate whether the inside interface (or any interface) is overloaded with too much traffic?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Collin Clark Fri, 05/15/2009 - 07:03
User Badges:
  • Purple, 4500 points or more

SNMP is probably the best way to monitor it long term.

Short term you can do a show interface and look at the statistics.

<font size="2"> </p><p>Interface Vlan1 "inside", is up, line protocol is up</p><p>  Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec</p><p>        MAC address 001b.d5fb.25c3, MTU 1500</p><p>        IP address, subnet mask</p><p>  Traffic Statistics for "inside":</p><p>        3401978104 packets input, 2265073547054 bytes</p><p>        3516423720 packets output, 1814495967447 bytes</p><p>        20823450 packets dropped</p><p>      1 minute input rate 121 pkts/sec,  125656 bytes/sec</p><p>      1 minute output rate 95 pkts/sec,  7389 bytes/sec</p><p>      1 minute drop rate, 0 pkts/sec</p><p>      5 minute input rate 178 pkts/sec,  183746 bytes/sec</p><p>      5 minute output rate 141 pkts/sec,  11178 bytes/sec</p><p>      5 minute drop rate, 0 pkts/sec

Hope that helps.

networker99 Fri, 05/15/2009 - 08:19
User Badges:

Thanks, but how do I know if there is too much traffic entering that interface.. I presume by dropped packets?.. how do you clear the counters on a PIX (6.3)

Collin Clark Fri, 05/15/2009 - 08:30
User Badges:
  • Purple, 4500 points or more

You'll have to do some math. Bytes in/out and the bandwidth of your line. SNMP will do this for you and present a graph. Here's a link that defines each line of the show interface.

AFAIK the only way to clear interface counters on a PIX is to reboot it.

Check this link for clear traffic. It might give you what you're looking for.

ELIE IBRAHIM Mon, 05/18/2009 - 23:16
User Badges:

Is there any software or application that monitors inside users usage with history ?


This Discussion