Cisco Support Community
New Member

Connection limits questions.

Hi all.

I got a crashed 5520 this week and it was showing

<163>Nov 28 2011 11:34:45: %ASA-3-201013: Per-client connection limit exceeded -125/100

What does the negative number tell? I usually see the same numbers, like 100/100, which means the connection limit has been reached.

Also, the box was showing

<163>Nov 28 2011 19:51:17: %ASA-3-210007: LU allocate xlate failed

<161>Nov 28 2011 17:50:44: %ASA-1-105005: (Primary) Lost Failover communications with mate on interface OUTSIDE

From the last 2 log messages, it's showing that the box was out of resources, correct?

Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Connection limits questions.

The negative numbers reading is caused by a bug. Please see "CSCtl23397 - ASA may log negative values for Per-client conn limit exceeded messg".

The 210007 message is indicating stateful failover is out of resources. See this explanation.

Overall it appears your boxes may be pushing the limit of their capabilities connection-wise. Some further investigation would be required to determine whether that was a one-time event or indicative of a need to upgrade (memory or device).
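
An added example, not part of the original thread and not Cisco tooling: a small Python triage pass over the three log lines quoted in the question. It treats a negative current count in message 201013 as the logging defect named in the answer rather than a real value; the function names and the `resource_pressure` heuristic are assumptions made for this illustration.

```python
import re
from collections import Counter

# The three lines quoted in the question: <PRI>timestamp: %ASA-severity-id: text
SAMPLE = [
    "<163>Nov 28 2011 11:34:45: %ASA-3-201013: Per-client connection limit exceeded -125/100",
    "<163>Nov 28 2011 19:51:17: %ASA-3-210007: LU allocate xlate failed",
    "<161>Nov 28 2011 17:50:44: %ASA-1-105005: (Primary) Lost Failover communications with mate on interface OUTSIDE",
]

LINE_RE = re.compile(r"^<(\d+)>(.+?): %ASA-(\d)-(\d{6}): (.*)$")
LIMIT_RE = re.compile(r"limit exceeded (-?\d+)/(\d+)")

def parse(line):
    """Split one ASA syslog line into fields; return None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    pri, ts, sev, msg_id, text = m.groups()
    rec = {
        "ts": ts, "id": msg_id, "text": text, "severity": int(sev),
        "facility": int(pri) >> 3,               # syslog PRI = facility * 8 + severity
        "pri_ok": int(pri) & 7 == int(sev),      # PRI and %ASA severity should agree
    }
    lim = LIMIT_RE.search(text) if msg_id == "201013" else None
    if lim:
        cur, limit = int(lim.group(1)), int(lim.group(2))
        rec["limit"] = limit
        rec["count_bogus"] = cur < 0             # negative count: logging defect
        rec["count"] = None if cur < 0 else cur  # do not report a bogus number
    return rec

def triage(lines):
    """Count the message IDs from the thread and flag combined resource pressure."""
    recs = [r for r in map(parse, lines) if r]
    ids = Counter(r["id"] for r in recs)
    return {
        "limit_hits": ids["201013"],
        "bogus_counts": sum(1 for r in recs if r.get("count_bogus")),
        "failover_alloc_failures": ids["210007"],
        "failover_link_lost": ids["105005"],
        # Assumed heuristic: limit hits plus failover allocation failures together
        "resource_pressure": ids["201013"] > 0 and ids["210007"] > 0,
    }

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```
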

3 REPLIES
New Member

Connection limits questions.

Thanks again Marvin.

Actually, it was a DDoS attack.

Hall of Fame Super Silver

Connection limits questions.

You're welcome. Thanks for the rating.

Yeah, I was thinking something like a DDoS attack when I alluded to "one-time event". I hesitate to raise that spectre directly, though, so as not to "cry wolf" and unduly alarm folks without any corroborating data.
