Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Will capture Command Cause Any Impact?

hi all,

i've got few ASA 5510 currently in production that i want to capture some packets. i tried to look for docs or link if the capture command will cause any effect or impact on the ASA performance but i only saw this doc in cisco and some cisco white papers.

https://supportforums.cisco.com/docs/DOC-17345

could someone confirm on this? thanks in advance.

Everyone's tags (4)
2 ACCEPTED SOLUTIONS

Accepted Solutions

Will capture Command Cause Any Impact?

Hello,

My recomendation is make sure you use it only when you needed.

Captures will take CPU to run and Memory to store the information captured so make sure you only use it while troubleshooting.

I do remember once a customer was having 90 % CPU but he had like 5 captures running on the ASA, Circular buffer and catching a lot of stuff.

Note: If you are capturing traffic from 2 end-stations and you know there is no much traffic going on there then you should not be aware of something. Nothing will happen.

For more information about Core and Security Networking follow my website at http://laguiadelnetworking.

Any question contact me at jcarvaja@laguiadelnetworking.com

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Super Bronze

Will capture Command Cause Any Impact?

Hi,

I tend to use the packet capture a lot in the ASA. Mostly in the cases where the customer/user doesnt give a good description on what the problem is.

I use it on pretty much every model we have. ASAs, PIXs and FWSMs. To this day I have not run into any problems using the packet capture on the ASAs even multiple of them running at one time. I might have 1-3 captures active on a single device depending on the customer network in question.

So I would imagine that you wont run into any problems unless your device is already on its limit of resources.There was some discussion here recently that I think mentioned some problem related to capturing traffic that was caused by a bug.

- Jouni

5 REPLIES

Will capture Command Cause Any Impact?

Hello,

My recomendation is make sure you use it only when you needed.

Captures will take CPU to run and Memory to store the information captured so make sure you only use it while troubleshooting.

I do remember once a customer was having 90 % CPU but he had like 5 captures running on the ASA, Circular buffer and catching a lot of stuff.

Note: If you are capturing traffic from 2 end-stations and you know there is no much traffic going on there then you should not be aware of something. Nothing will happen.

For more information about Core and Security Networking follow my website at http://laguiadelnetworking.

Any question contact me at jcarvaja@laguiadelnetworking.com

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Will capture Command Cause Any Impact?

hey julio,

thanks for your feedback! so far, cpu's quiet.

i just want to check one instance only, so i guess it wouldn't hurt to fire this command.

# sh cpu usage 

CPU utilization for 5 seconds = 2%; 1 minute: 2%; 5 minutes: 2%

# sh ve

Cisco Adaptive Security Appliance Software Version 8.2(5)

Device Manager Version 6.2(3)

Compiled on Fri 20-May-11 16:00 by builders

System image file is "disk0:/asa825-k8.bin"

Config file at boot was "startup-config"

up 114 days 3 hours

Hardware:   ASA5510, 256 MB RAM, CPU Pentium 4 Celeron 1599 MHz

Internal ATA Compact Flash, 256MB

BIOS Flash M50FW080 @ 0xffe00000, 1024KB

Super Bronze

Will capture Command Cause Any Impact?

Hi,

I tend to use the packet capture a lot in the ASA. Mostly in the cases where the customer/user doesnt give a good description on what the problem is.

I use it on pretty much every model we have. ASAs, PIXs and FWSMs. To this day I have not run into any problems using the packet capture on the ASAs even multiple of them running at one time. I might have 1-3 captures active on a single device depending on the customer network in question.

So I would imagine that you wont run into any problems unless your device is already on its limit of resources.There was some discussion here recently that I think mentioned some problem related to capturing traffic that was caused by a bug.

- Jouni

Will capture Command Cause Any Impact?

jouni,

thanks for joining in and sharing a personal tip!

this gave me a confidence boost to try this out.

Will capture Command Cause Any Impact?

Hello John,

Exactly no worries at all

But remember this feature is used for troubleshooting purposes no need to let it running if you do not needed.

And just to be safe make it as Specific as Possible . That's the keyword.

For more information about Core and Security Networking follow my website at http://laguiadelnetworking.

Any question contact me at jcarvaja@laguiadelnetworking.com

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
284
Views
0
Helpful
5
Replies
CreatePlease to create content