Cisco Support Community

New Member

LAN-IDSM2 Inline

Hello all,

If a LAN-IDSM2 is installed on a main swx 6500 as an IDS, can we switch it to be inline as an IPS?

How can we know if this IDSM can support the throughput? And how can we know what is the current throughput passing through this LAN-IDSM2 in order to take a decision about it?

Best regards,

1 ACCEPTED SOLUTION

Cisco Employee

Re: LAN-IDSM2 Inline

Yes, IDSM can be an inline device.

Regarding throughput, it's best to do a test.

I believe a single IDSM can do 500Mbit/s (marketing numbers, actual performance will depend on features enabled etc. etc.). Via ECLB you can take up to 4 devices to provide up to 2Gbit/s throughput (if traffic is load balanced properly).

If you want to check current load, you can check either stats in IDSM itself or if you want traffic statistics:

show intrusion modu {NUM} data-port {1|2} traffic

example result:
Intrusion-detection module 7 data-port 1

Specified interface is up line protocol is up (connected)
  Hardware is C6k 1000Mb 802.3, address is 0012.4374.290c (bia 0012.4374.290c)
  MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 1000Mb/s
  input flow-control is off, output flow-control is unsupported
  Last input never, output 00:00:44, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     2 packets input, 164 bytes, 0 no buffer
     Received 1 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 input packets with dribble condition detected
     188437 packets output, 89695206 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
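
Added example (not part of the original posts and not Cisco code): a Python sketch that parses the traffic output quoted in the answer above and compares the 5-minute rate with the 500Mbit/s figure mentioned there. Assumptions: SAMPLE is constructed with made-up counters, the helper names are hypothetical, and the output rate (traffic the switch sends toward the module) is taken as the load the sensor must inspect.

```python
import re

# Constructed sample in the format of the output quoted above (values made up).
SAMPLE = """\
Intrusion-detection module 7 data-port 1
  Input queue: 0/2000/12/0 (size/max/drops/flushes); Total output drops: 3
  5 minute input rate 212345000 bits/sec, 41000 packets/sec
  5 minute output rate 198000000 bits/sec, 39000 packets/sec
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 output errors, 0 collisions, 2 interface resets
"""

PATTERNS = {
    "in_bps": r"5 minute input rate (\d+) bits/sec",
    "out_bps": r"5 minute output rate (\d+) bits/sec",
    "in_drops": r"Input queue: \d+/\d+/(\d+)/\d+",
    "out_drops": r"Total output drops: (\d+)",
    "in_errors": r"(\d+) input errors",
    "out_errors": r"(\d+) output errors",
}

def parse_traffic(text):
    """Extract rate, drop and error counters; fail loudly if a field is missing."""
    stats = {}
    for name, pattern in PATTERNS.items():
        match = re.search(pattern, text)
        if match is None:
            raise ValueError(f"field not found in output: {name}")
        stats[name] = int(match.group(1))
    return stats

def inline_headroom(port_outputs, rated_bps=500_000_000):
    """Sum the load over the given data ports and compare it with rated_bps.

    Assumption: out_bps approximates what the sensor inspects. The 5-minute
    average hides bursts, so a low ratio alone does not prove headroom.
    """
    ports = [parse_traffic(text) for text in port_outputs]
    offered = sum(p["out_bps"] for p in ports)
    losses = sum(p["in_drops"] + p["out_drops"] + p["in_errors"] + p["out_errors"]
                 for p in ports)
    return {"offered_bps": offered, "utilization": offered / rated_bps, "losses": losses}

if __name__ == "__main__":
    print(inline_headroom([SAMPLE]))
```

Collect the output for each data port at several times of day, since a single reading only reflects the last five minutes; non-zero drops or errors at the current load are a sign to test before moving the module inline.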
