Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1005
Views
0
Helpful
1
Replies

High CPU ASA

mj11
Level 3
Level 3

‎03-13-2012 04:04 PM - edited ‎03-11-2019 03:41 PM

Hi All

I am hoping for some help on the following, this is an ASA-5520 and I am seeing high CPU in the Dispatch Unit.

This issue only started the other day with no changes taking place.

ASA code 8.2(5)

In the show interface I am seeing (I have added int gig 0/0 but I am seeing most interfaces)

Interface GigabitEthernet0/0 "", is up, line protocol is up

  Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec

    Auto-Duplex(Full-duplex), Auto-Speed(100 Mbps)

    Input flow control is unsupported, output flow control is off

    Available but not configured via nameif

    MAC address 001a.e268.3bc6, MTU not set

    IP address unassigned

    4041726 packets input, 3690254919 bytes, 0 no buffer

    Received 160 broadcasts, 0 runts, 0 giants

    638 input errors, 0 CRC, 0 frame, 638 overrun, 0 ignored, 0 abort

    0 pause input, 0 resume input

    0 L2 decode drops

    3083067 packets output, 955771200 bytes, 0 underruns

    0 pause output, 0 resume output

    0 output errors, 0 collisions, 0 interface resets

    0 late collisions, 0 deferred

    0 input reset drops, 0 output reset drops, 0 tx hangs

    input queue (blocks free curr/low): hardware (255/230)

    output queue (blocks free curr/low): hardware (255/0)

There are no issues on the 1550 blocks

SIZE    MAX    LOW    CNT

     1550   9901   9437   9634

I am trying to see if there is to much traffic for the size of the unit,

Show traffic

----------------------------------------

Aggregated Traffic on Physical Interface

----------------------------------------

GigabitEthernet0/0:

    received (in 477.930 secs):

        788313 packets    734231259 bytes

        1649 pkts/sec    1536273 bytes/sec

    transmitted (in 477.930 secs):

        583138 packets    175215781 bytes

        1220 pkts/sec    366613 bytes/sec

      1 minute input rate 1495 pkts/sec,  1293047 bytes/sec

      1 minute output rate 1112 pkts/sec,  303861 bytes/sec

      1 minute drop rate, 0 pkts/sec

      5 minute input rate 1800 pkts/sec,  1748612 bytes/sec

      5 minute output rate 1315 pkts/sec,  402755 bytes/sec

      5 minute drop rate, 0 pkts/sec

GigabitEthernet0/1:

    received (in 477.940 secs):

        596830 packets    155104209 bytes

        1248 pkts/sec    324526 bytes/sec

    transmitted (in 477.940 secs):

        870551 packets    541937617 bytes

        1821 pkts/sec    1133903 bytes/sec

      1 minute input rate 1375 pkts/sec,  410989 bytes/sec

      1 minute output rate 2011 pkts/sec,  1277801 bytes/sec

      1 minute drop rate, 0 pkts/sec

      5 minute input rate 1236 pkts/sec,  296002 bytes/sec

      5 minute output rate 1819 pkts/sec,  1162266 bytes/sec

      5 minute drop rate, 0 pkts/sec

GigabitEthernet0/2:

    received (in 477.950 secs):

        660248 packets    277355896 bytes

        1381 pkts/sec    580303 bytes/sec

    transmitted (in 477.950 secs):

        708977 packets    494642938 bytes

        1483 pkts/sec    1034926 bytes/sec

      1 minute input rate 1070 pkts/sec,  531022 bytes/sec

      1 minute output rate 1098 pkts/sec,  763625 bytes/sec

      1 minute drop rate, 0 pkts/sec

      5 minute input rate 1508 pkts/sec,  605737 bytes/sec

      5 minute output rate 1646 pkts/sec,  1174765 bytes/sec

      5 minute drop rate, 0 pkts/sec

GigabitEthernet0/3:

    received (in 477.970 secs):

        1524 packets    138008 bytes

        3 pkts/sec    288 bytes/sec

    transmitted (in 477.970 secs):

        36277 packets    40324172 bytes

        75 pkts/sec    84365 bytes/sec

      1 minute input rate 3 pkts/sec,  286 bytes/sec

      1 minute output rate 83 pkts/sec,  94129 bytes/sec

      1 minute drop rate, 0 pkts/sec

      5 minute input rate 3 pkts/sec,  289 bytes/sec

      5 minute output rate 74 pkts/sec,  82180 bytes/sec

      5 minute drop rate, 0 pkts/sec

Internal-Control0/0:

    received (in 477.980 secs):

        2822 packets    494320 bytes

        5 pkts/sec    1034 bytes/sec

    transmitted (in 477.980 secs):

        2923 packets    207630 bytes

        6 pkts/sec    434 bytes/sec

      1 minute input rate 6 pkts/sec,  1068 bytes/sec

      1 minute output rate 6 pkts/sec,  448 bytes/sec

      1 minute drop rate, 0 pkts/sec

      5 minute input rate 5 pkts/sec,  1023 bytes/sec

      5 minute output rate 6 pkts/sec,  430 bytes/sec

      5 minute drop rate, 0 pkts/sec

Internal-Data0/0:

    received (in 477.990 secs):

        1921712 packets    1247471376 bytes

        4020 pkts/sec    2609827 bytes/sec

    transmitted (in 477.990 secs):

        1921712 packets    1247471376 bytes

        4020 pkts/sec    2609827 bytes/sec

      1 minute input rate 3639 pkts/sec,  2382113 bytes/sec

      1 minute output rate 3639 pkts/sec,  2382139 bytes/sec

      1 minute drop rate, 0 pkts/sec

      5 minute input rate 4299 pkts/sec,  2833871 bytes/sec

      5 minute output rate 4299 pkts/sec,  2833872 bytes/sec

      5 minute drop rate, 0 pkts/sec

Management0/0:

    received (in 478.010 secs):

        6147 packets    1154808 bytes

        12 pkts/sec    2415 bytes/sec

    transmitted (in 478.010 secs):

        3774 packets    468640 bytes

        7 pkts/sec    980 bytes/sec

      1 minute input rate 9 pkts/sec,  1904 bytes/sec

      1 minute output rate 6 pkts/sec,  837 bytes/sec

      1 minute drop rate, 0 pkts/sec

      5 minute input rate 13 pkts/sec,  2554 bytes/sec

      5 minute output rate 8 pkts/sec,  998 bytes/sec

      5 minute drop rate, 0 pkts/sec

Any help much appreciated

Regards MJ

Labels:
0 Helpful
1 Reply 1

sooprasa
Level 1
Level 1

‎03-13-2012 09:56 PM

Hello ,

Interface overruns, no buffer and underruns often show that the firewall cannot process all the traffic it is  receiving on its NIC. Overruns and no buffers indicate that input  traffic is too much on a given interface. The interface maintains a  receive ring where packets are stored before they are processed by the  ASA. If the NIC is receiving traffic faster than the ASA can pull them  off the receive ring, the packet will be dropped and either the no  buffer or overrun counter will increment.

You may find this useful:

https://supportforums.cisco.com/docs/DOC-12439

Regards,

Sooraj

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card