Cisco Support Community
New Member

FWSM 3.2(3) bug? or different problem? or config mistake?

FWSM CPU is at a high level (90%-100%) periodically.

I think it is a bug in 3.2(3), but I am not certain.

I found these bugs:

1. tcp-normalizer

2. High CPU in http inspection

I have attached "show process" files (normal, problem).

Please help me.

5 REPLIES
Cisco Employee

Re: FWSM 3.2(3) bug? or different problem? or config mistake?

So if you disable the tcp normalizer you don't see the problem?

New Member

Re: FWSM 3.2(3) bug? or different problem? or config mistake?

Hi Jay,

I have an FWSM running software version 3.1(8). It was upgraded from version 2.3(3).

After the upgrade, end users complain of slow SQL transfer across the FWSM.

I suspect I'm hitting the bug ID CSCsl71684 (FWSM 'inspect sqlnet' can lead to TCP drops when short inter-packets gap).

The workarounds are:

1. disable inspect sqlnet

2. enable inspect sqlnet but disable tcp normalizer

3. do smaller data transfers (-> resulting in smaller rapid burst of TNS data packets)

4. upgrade FWSM to 3.1.9 or 3.2.

Is it advisable to disable TCP normalizer (using "no control-point tcp-normalizer" command)? What's the impact? I'd like to test disabling TCP normalizer and see the effect on the SQL transfer before I upgrade it to version 3.1(9) or 3.2.

Please advise.

Thank you.

B.Rgds,

Lim TS

Re: FWSM 3.2(3) bug? or different problem? or config mistake?

Can you post the configuration of the following command (captured at various intervals):

show processes cpu-hog

Also as others have suggested, did you try to disable the TCP normalizer using:

no control-point tcp-normalizer

Regards

Farrukh

New Member

Re: FWSM 3.2(3) bug? or different problem? or config mistake?

Hi Farrukh,

Is it recommended to disable TCP normalizer (using "no control-point tcp-normalizer" command)? What's the impact?

Thank you.

B.Rgds,

Lim TS

Re: FWSM 3.2(3) bug? or different problem? or config mistake?

This is the official description:

"For traffic that passes through the control-plane path, such as packets that require Layer 7 inspection or management traffic, the FWSM sets the maximum number of out-of-order packets that can be queued for a TCP connection to 2 packets, which is not user-configurable. Other TCP normalization features that are supported on the PIX and ASA platforms are not enabled for FWSM. You can disable the limited TCP normalization support for the FWSM using the no control-point tcp-normalizer command."

Please note it's not recommended to disable it; consider this a transient step to fix the HIGH CPU issue.

Regards

Farrukh
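
A simplified model of the out-of-order queue limit in the description quoted above, added here as an example; it is not from the thread or from Cisco, and it is not the FWSM implementation. Assumptions: segments are numbered 0, 1, 2, ..., a segment that arrives while the queue is full is dropped, and the arrival order in BURST is constructed.

```python
from collections import namedtuple

Result = namedtuple("Result", "delivered dropped")

def reassemble(arrivals, max_ooo=2):
    """Model one TCP connection's out-of-order queue.

    arrivals: segment indexes in arrival order (0 is the next expected one).
    max_ooo:  queue limit; 2 matches the quoted description, None means no limit.
    Assumption: a segment arriving while the queue is full is dropped.
    """
    expected = 0
    queued = set()
    delivered, dropped = [], []
    for seg in arrivals:
        if seg < expected or seg in queued:
            continue                      # duplicate of data already seen
        if seg == expected:
            delivered.append(seg)
            expected += 1
            while expected in queued:     # drain segments that are now in order
                queued.remove(expected)
                delivered.append(expected)
                expected += 1
        elif max_ooo is None or len(queued) < max_ooo:
            queued.add(seg)
        else:
            dropped.append(seg)           # sender has to retransmit this one
    return Result(delivered, dropped)

# Constructed arrival order: segment 0 is overtaken by a burst of segments 1-4.
BURST = [1, 2, 3, 4, 0, 5]

if __name__ == "__main__":
    print("limit 2 :", reassemble(BURST, max_ooo=2))
    print("no limit:", reassemble(BURST, max_ooo=None))
    # Same burst followed by retransmissions of the two dropped segments.
    print("limit 2 + retransmit:", reassemble(BURST + [3, 4], max_ooo=2))
```

In this model the two-packet limit drops segments 3 and 4 from the burst, and the stream only completes once they arrive again; without a limit the same burst is delivered with no drops.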
