Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Pix multiple issues

Hi ,

I am runnnig 7.07 in pix 525 with the following problems :

1.Cpu utilzation is extermely high. (52%)

If I analyse the cpu profile will that incerase the utlization further?

2.My pixes have failed and crash thread is fover_serial_rx and it is showing block memory exhaustion both count and low is showing 0 in the crash .

Though there is a bug CSCsh32241 but it has been resolved in this code .

3.My config is very big so if I use turbo ACl how will it impact the performance .

Thnks in advance

Raj

10 REPLIES
Community Member

Re: Pix multiple issues

Hi ,

Was just expecting if some one has any ideas on this

Raj

Community Member

Re: Pix multiple issues

TurboACL - do you have a large amount of ACL's in config - if yes then use turbo ACL 1 time to compile them - then it should run a little better (performance-wise)

CPU load - how much traffic is passing through the device ?

....just my thoughts on this

Re: Pix multiple issues

I thought I saw similar thread a while ago on this issue, you may want to do a search in security forum on high cpu pix 7.0, I believe mention of getting out of 7.0 and alteast use 7.2 as this version is much more statble, check bug tool database pertaining 7.0.

Rgds

Jorge

Silver

Re: Pix multiple issues

Jorge,

What do base this information on? How do

you determine that 7.2 is much more stable

than version 7.0.7?

Version 7.0.7 is more stable than version

7.2 because 7.0.7 is GD while 7.2 is ED

(Early Deployment).

CCIE Security

Re: Pix multiple issues

I think my post was very clear ! based on reading threads and end user reports .

Green

Re: Pix multiple issues

I would have to agree with Jorge, as would most.

Silver

Re: Pix multiple issues

How would you explain the fact that 7.0(7) is

GD while 7.2 is ED? I was informed by Cisco

TAC that GD is for General Deployment, means

that this is very stable code release. Early

Deployment, ED, means the code in its early

deployment phase and it is not as stable as

General Deployment.

Am I wrong about this?

Community Member

Re: Pix multiple issues

I am currently running 7.2 on all my PIX's without problems - so maybe a good idea to upgrade....

Community Member

Re: Pix multiple issues

Hi,

Thanks for ur replies

I would upgarde to 7.2.3 and see if anything good actaully comes from it.

But it does have some bugs realted to 7.2.3 : memory problem

and crash is due to block memory exhaution .

Any ideas on cpu profile activates ?

how does that impact cpu utilization

Raj

Community Member

Re: Pix multiple issues

HI ,

Could any one throw any light on this :HIgh cpu on pix

for sh process : I have an unusual reading on arp and dispatach unit .

PC SP STATE Runtime SBASE Stack Process

Lwe 00105f05 01191fa0 00ea5be0 0 01190018 8072/8192 block_diag

Mrd 0020d172 0177d140 00ea5c80 113745167 017751f8 27976/32768 Dispatch Unit

M* 0073955b 0009feec 00ea5c80 1095 0638a5b0 25180/32768 accept/http

Mwe 00a73a19 0447fa38 00ea5b98 13 0447dac0 5740/8192 ssh/timer

- - - - 798544616 - - scheduler

- - - - 922889167 - - total elapsed

Here is sh blocks

Result of the command: "sh blocks"

SIZE MAX LOW CNT

4 300 295 299

80 116 0 116

256 3636 3476 3636

Here is also an out put fron sh traffic ?

Do i need to upgarde the interfaces

Raj

172
Views
0
Helpful
10
Replies
CreatePlease to create content