Definitly looks to me like a DoS attack. You are over your supported max connections for the 515 which would be about 130000. Between the DNS connections and the Mail connections its hard to tell what the root cause is. I would look at an internal host possibly trying to send spam. Maybe a better look at the connections table. At this point I would clear connections and xlates. I imagine you are already impacted. How may users do you have on your network? Which version code? Wouldnt hurt setting max conns and half open limits to help stop this in the future. My best guess is a machine has a virus on your network. After a clear conn you should be able to see with another sh conn possibly who is causing the traffic. May also want to look at logs to see if you have multiple denies on high ports. If you dont have your firewalls rules base locked down I would also do so to limit the amount of connections being established by dropping unwanted traffic.
I ended up rebooting the Pix to resolve this, and the sysptoms went away for about 5 days, yesterday it popped up again, it had been fine in the five days since.
From looking at the connections, i noticed that though there were still alot of embryonic connections even those which were established the idel time was very high, i thought that the setting on the timeout command should enforce a clearing of these.
My timeout command has TCP set to 1 hour but some of these were alot higher.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :