Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Performance / Utilization

When using a PIX firewall as your internet gateway, what is the best way to evaluate whether the inside interface (or any interface) is overloaded with too much traffic?

Thanks

5 REPLIES

Re: Performance / Utilization

SNMP is probably the best way to monitor it long term.

Short term you can do a show interface and look at the statistics.

Interface Vlan1 "inside", is up, line protocol is up

Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec

MAC address 001b.d5fb.25c3, MTU 1500

IP address 10.10.154.254, subnet mask 255.255.255.0

Traffic Statistics for "inside":

3401978104 packets input, 2265073547054 bytes

3516423720 packets output, 1814495967447 bytes

20823450 packets dropped

1 minute input rate 121 pkts/sec, 125656 bytes/sec

1 minute output rate 95 pkts/sec, 7389 bytes/sec

1 minute drop rate, 0 pkts/sec

5 minute input rate 178 pkts/sec, 183746 bytes/sec

5 minute output rate 141 pkts/sec, 11178 bytes/sec

5 minute drop rate, 0 pkts/sec

Hope that helps.

New Member

Re: Performance / Utilization

Thanks, but how do I know if there is too much traffic entering that interface.. I presume by dropped packets?.. how do you clear the counters on a PIX (6.3)

Re: Performance / Utilization

You'll have to do some math. Bytes in/out and the bandwidth of your line. SNMP will do this for you and present a graph. Here's a link that defines each line of the show interface.

http://www.cisco.com/en/US/docs/security/asa/asa81/command/ref/s3.html#wp1421795

AFAIK the only way to clear interface counters on a PIX is to reboot it.

Check this link for clear traffic. It might give you what you're looking for.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008009491c.shtml

New Member

Re: Performance / Utilization

You could also use PDM for monitoring your interfaces.

If you enable PDM history it will save metrics for up to 5 days too :)

http://www.cisco.com/en/US/customer/docs/security/pix/pix63/command/reference/mr.html#wp1026951

New Member

Re: Performance / Utilization

Is there any software or application that monitors inside users usage with history ?

124
Views
0
Helpful
5
Replies
CreatePlease to create content