FWSM 4.1, closes all connections.

Panos Kampanakis Tue, 04/27/2010 - 16:04

It does not make sense to close all conns.

When changing an ACL there will be a CPU spike but we should not close all conns.


Check if the issue is due to the CPU.

Also you could check the logs to see if conns are torn down and the teardown reason.


I hope it helps.


PK

Panos Kampanakis Wed, 04/28/2010 - 05:33

I would make sure I know if the conns are torn down when I see the "outage" (I don't think that is the case). What I would check is, if conns are torn down, why they are torn down. You can check syslogs for that.

I don't think they are torn down; there might be some slowness if the CPU spikes for some time and your CPU stays high.

Then I would try to correlate the "outage" with the event. Packet captures using the capture command for a host that is experiencing the outage would also help you to see what is happening with the packets of a conn that "breaks".


I hope it helps.


PK
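An added example, not part of the thread: one way to check syslogs for teardown reasons and correlate them with the time of the ACL change. The log lines, the change time, the timestamp layout, and the function names are constructed assumptions; the message text follows the 302014 "Teardown TCP connection" syslog layout.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Assumed line layout: "<Mon DD YYYY HH:MM:SS> ... %FWSM-6-302014: Teardown TCP connection
# <id> for <if:ip/port> to <if:ip/port> duration <h:mm:ss> bytes <n> <reason>"
TEARDOWN = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d{4} \d\d:\d\d:\d\d).*?%FWSM-6-302014: Teardown TCP connection "
    r"(?P<id>\d+) for \S+ to \S+ duration \S+ bytes \d+ ?(?P<reason>.*)$"
)

def parse_teardowns(lines):
    """Yield (timestamp, reason) for each TCP teardown line; other lines are skipped."""
    for line in lines:
        m = TEARDOWN.match(line.strip())
        if m:
            ts = datetime.strptime(" ".join(m["ts"].split()), "%b %d %Y %H:%M:%S")
            yield ts, (m["reason"].strip() or "unspecified")

def teardowns_around(lines, change_time, window=timedelta(seconds=60)):
    """Count teardown reasons in the window before and the window after change_time."""
    before, after = Counter(), Counter()
    for ts, reason in parse_teardowns(lines):
        if change_time - window <= ts < change_time:
            before[reason] += 1
        elif change_time <= ts < change_time + window:
            after[reason] += 1
    return before, after

# Constructed sample data (not from the thread): ACL change assumed at 16:00:00.
CHANGE_TIME = datetime(2010, 4, 27, 16, 0, 0)
P = "for outside:198.51.100.7/443 to inside:10.0.0.5/5100"
SAMPLE = [
    f"Apr 27 2010 15:59:40 fw : %FWSM-6-302014: Teardown TCP connection 1001 {P}0 duration 0:00:12 bytes 4521 TCP FINs",
    "Apr 27 2010 16:00:05 fw : %FWSM-6-302013: Built inbound TCP connection 1002 for outside:198.51.100.7/443 (198.51.100.7/443) to inside:10.0.0.5/51001 (10.0.0.5/51001)",
    f"Apr 27 2010 16:00:10 fw : %FWSM-6-302014: Teardown TCP connection 1003 {P}2 duration 0:03:10 bytes 900 TCP Reset-I",
    f"Apr 27 2010 16:00:12 fw : %FWSM-6-302014: Teardown TCP connection 1004 {P}3 duration 0:01:02 bytes 120 TCP Reset-I",
    f"Apr 27 2010 16:00:30 fw : %FWSM-6-302014: Teardown TCP connection 1005 {P}4 duration 0:00:08 bytes 310 TCP FINs",
    f"Apr 27 2010 16:05:00 fw : %FWSM-6-302014: Teardown TCP connection 1006 {P}5 duration 0:00:30 bytes 0 SYN Timeout",
]

if __name__ == "__main__":
    before, after = teardowns_around(SAMPLE, CHANGE_TIME)
    print("before change:", dict(before))
    print("after change: ", dict(after))
```

A jump in one teardown reason right after the change, compared with the window before it, points at connections actually being closed; similar counts on both sides point toward slowness instead.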
