Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
457
Views
4
Helpful
2
Replies

PIX Interface Counters

paul.kyte
Level 1
Level 1

‎09-06-2007 04:31 AM - edited ‎03-11-2019 04:07 AM

I am looking at my PIX interface counters to see if I have any problems on the interfaces. I notice that some of the interfaces have values in the No buffer, Overrun, Underrun and Dropped packets.

I assume the dropped packets are those dropped due to the firewall rules.

With the no buffer, overrun and underrun I know these are all to do with the PIX and the Interfaces performance. Can someone please explain what is causing these counters and therefore what problem there may be. An example from my worst interface is copied below.

Thanks,

Paul

Result of the command: "sh int g0"

Interface GigabitEthernet0 "", is up, line protocol is up

Hardware is i82543 rev02, BW 1000 Mbps

(Full-duplex), 1000 Mbps(1000 Mbps)

Available but not configured via nameif

MAC address 000e.0c2b.b71a, MTU not set

IP address unassigned

65487795 packets input, 18953217272 bytes, 191025 no buffer

Received 17869 broadcasts, 0 runts, 0 giants

0 input errors, 0 CRC, 0 frame, 118436 overrun, 0 ignored, 0 abort

0 L2 decode drops

51933187 packets output, 19223644042 bytes, 0 underruns

0 output errors, 0 collisions

0 late collisions, 0 deferred

input queue (curr/max blocks): hardware (0/0) software (0/0)

output queue (curr/max blocks): hardware (0/255) software (0/0)

Labels:
0 Helpful
2 Replies 2

amritpatek
Level 6
Level 6

‎09-12-2007 08:21 AM

I don't find any error in the interface. The counters are increasing because of normal traffic flow. For examle "packets input" counter will increase when a new packet is received on the interface. All the counters that indicate any error are showing 0. For example "input errors" counter will increase if a packet is received on an interface but it is unreadable, likewise the "CRC" counter will increase if the packet does not pass the CRC check.

rajbhatt
Level 3
Level 3
In response to amritpatek

‎09-16-2007 09:24 PM

Hi,

There is some problem with the overruns .

Plz clear the counters and see if it keeps on increasing :

Overrun

The number of times that the security appliance was incapable of handing received data to a hardware buffer because the input rate exceeded the security appliance capability to handle the data.

Plz check this link for more details :

http://www.cisco.com/en/US/docs/security/asa/asa70/command/reference/s.html

Raj

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card