PIX - Memory allocation Error

On our network we have two PIX-520 in failover configuration.

Today, for the first time in five years, the active PIX started

generating thousands (almost a million in 15min) of messages:

%PIX-3-211001: Memory allocation Error

The failover PIX didn't switch to active, so the traffic

stopped flowing through the firewall.

A power down/up of the active PIX resolved the problem.

Is it a symptom of an hardware memory failure or an

effect of some hacker attack ??

Has anybody recently experienced a similar problem ?

Thank you,

Alessandro Asson


CINECA - Via Magnanelli, 6/3 I-40033 Casalecchio di Reno (BO) Italy

e-mail: tel +39 051 6171411 fax: +39 051 6132198

Re: PIX - Memory allocation Error


Cant say whether it is an attack or a hardware issue at the moment. You need to provide the following

show conn count

show xlat count

show version



Re: PIX - Memory allocation Error


here is the show xx commands output, taken now, not when the problem was present.. (at that time the pix

was not accessible)

pixfirewall# sh conn count

3599 in use, 9146 most used


pixfirewall# sh xlat count

2793 in use, 2794 most used


pixfirewall# sh ver

Cisco PIX Firewall Version 6.3(1)

Cisco PIX Device Manager Version 2.1(1)

Compiled on Wed 19-Mar-03 11:49 by morlee

pixfirewall up 30 days 17 hours

Hardware: SE440BX2, 128 MB RAM, CPU Pentium II 350 MHz

Flash i28F640J5 @ 0x300, 16MB

BIOS Flash AT29C257 @ 0xfffd8000, 32KB

0: ethernet0: address is 00d0.b785.4722, irq 11

1: ethernet1: address is 00d0.b785.4649, irq 10

2: ethernet2: address is 00e0.b601.090e, irq 15

3: ethernet3: address is 00e0.b601.090d, irq 9

4: ethernet4: address is 00e0.b601.090c, irq 11

5: ethernet5: address is 00e0.b601.090b, irq 10

Licensed Features:

Failover: Enabled

VPN-DES: Enabled

VPN-3DES-AES: Enabled

Maximum Interfaces: 6

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Inside Hosts: Unlimited

Throughput: Unlimited

IKE peers: Unlimited

This PIX has an Unrestricted (UR) license.

Serial Number: 18030673 (0x1132051)

Running Activation Key: 0xe21920a6 0xeac8139b 0x4b3172af 0xb9e4be7c

Configuration last modified by enable_15 at 11:26:10.538 MET Fri Feb 20 2004

Re: PIX - Memory allocation Error

this output seems to be normal. we would needed the same output at the time of the problem.

