Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9298
Views
19
Helpful
5
Replies

Discarded Incoming Packets on Internal-Data0/1

iglablues
Level 1
Level 1

‎04-05-2013 08:11 AM - edited ‎03-11-2019 06:24 PM

Hi all. I'm looking for some assistance on how to best troubleshoot some errors I'm seeing on the internal interfaces of my ASA 5505. This is similar to the question at https://supportforums.cisco.com/message/3882363#3882363, but the details are different enough that I felt it justified a new discussion.

I have an ASA 5505, running version 8.2(2), 256MB RAM. From time to time (on the order of once a week) our monitoring alerts us that both Internal-Data0/0 and Internal-Data0/1 are experiencing an unusual amount of inbound packets which were discarded with errors, up to 2.3 per second as of this post. Here is what I hope relevant output from my device:

asa# show interface ip brief

Interface                  IP-Address      OK? Method Status                Protocol

Internal-Data0/0           unassigned      YES unset  up                    up

Internal-Data0/1           unassigned      YES unset  up                    up

Vlan1                      10.x.x.x     YES CONFIG up                    up

Vlan2                      32.32.32.32    YES CONFIG up                    up

Vlan69                     unassigned      YES unset  down                  down

Vlan999                    192.168.x.x   YES unset  down                  down

Virtual0                   127.0.0.1       YES unset  up                    up

Ethernet0/0                unassigned      YES unset  up                    up

Ethernet0/1                unassigned      YES unset  up                    up

Ethernet0/2                unassigned      YES unset  down                  down

Ethernet0/3                unassigned      YES unset  down                  down

Ethernet0/4                unassigned      YES unset  down                  down

Ethernet0/5                unassigned      YES unset  down                  down

Ethernet0/6                unassigned      YES unset  down                  down

Ethernet0/7                unassigned      YES unset  down                  down

asa# show int detail | b Internal-Data0/0

Interface Internal-Data0/0 "", is up, line protocol is up

  Hardware is y88acs06, BW 1000 Mbps, DLY 10 usec

(Full-duplex), (1000 Mbps)

Input flow control is unsupported, output flow control is unsupported

MAC address 001d.45e5.85ce, MTU not set

IP address unassigned

2495592784 packets input, 67465662522359 bytes, 0 no buffer

Received 440472779 broadcasts, 0 runts, 0 giants

2711749 input errors, 0 CRC, 0 frame, 2711749 overrun, 0 ignored, 0 abort

45 L2 decode drops, 419 demux drops

1844965032 packets output, 67568265260286 bytes, 132370 underruns

0 pause output, 0 resume output

0 output errors, 0 collisions, 0 interface resets

0 late collisions, 0 deferred

0 input reset drops, 0 output reset drops, 0 tx hangs

input queue (blocks free curr/low): hardware (487/487)

output queue (blocks free curr/low): hardware (512/0)

  Control Point Interface States:

Interface number is 3

Interface config status is active

Interface state is active

Interface Internal-Data0/1 "", is up, line protocol is up

  Hardware is 88E6095, BW 1000 Mbps, DLY 10 usec

(Full-duplex), (1000 Mbps)

Input flow control is unsupported, output flow control is unsupported

        MAC address 0000.0003.0002, MTU not set

IP address unassigned

139283683669 packets input, 67568128447563 bytes, 0 no buffer

Received 14306745 broadcasts, 0 runts, 0 giants

5381112 input errors, 0 CRC, 0 frame, 5381112 overrun, 0 ignored, 0 abort

15 switch ingress policy drops

139996824784 packets output, 67502394802172 bytes, 0 underruns

0 pause output, 0 resume output

0 output errors, 0 collisions, 0 interface resets

0 late collisions, 0 deferred

0 input reset drops, 0 output reset drops

0 switch egress policy drops

  Control Point Interface States:

Interface number is 12

Interface config status is active

Interface state is active

asa# show module

Mod Card Type                                    Model              Serial No.

--- -------------------------------------------- ------------------ -----------

  0 ASA 5505 Adaptive Security Appliance         ASA5505            xxxxxxxxxxxx

Mod MAC Address Range                 Hw Version   Fw Version   Sw Version

--- --------------------------------- ------------ ------------ ---------------

  0 001d.45e5.85c6 to 001d.45e5.85d0  1.0          1.0(12)6     8.2(2)

Mod SSC Application Name           Status           SSC Application Version

--- ------------------------------ ---------------- --------------------------

Mod Status             Data Plane Status     Compatibility

--- ------------------ --------------------- -------------

  0 Up Sys             Not Applicable

asa# show blocks interface

Memory Pool  SIZE  LIMIT/MAX     LOW     CNT  GLB:HELD     GLB:TOTAL

       DMA    2048       1024       0     501         0       5040400

1. My understanding is that Internal-Data0/0 is an internal bus that connects to modules like the 4GE. I don't have any modules installed at all, as you can tell. Therefore, what is this bus doing?

2. For that matter, what is Internal-Data0/1 doing? What does it connect to?

3. I'm guessing that due to the input errors and overruns reported for both of these interfaces, it's a buffering issue. Since these are input errors, does this mean that traffic destined to this bus for forwarding is being dropped because the bus itself is running out of buffer memory? How would I see (and subsequently monitor) the buffer memory for these interfaces? Once I am able to see it, what sort of tools can I use to determine what is causing this?

Thanks in advance for whatever portions of this question you can answer or shed some light on.

Labels:
0 Helpful
5 Replies 5

Julio Carvajal
VIP Alumni
VIP Alumni

‎04-05-2013 11:33 AM

1) It is also the bus that connects to the AIP-SSC module ( IPS module)

2) The Interface internal-Data0/1 refers to the backplane switch port that connects to the ASA CPU in this particular device so this will always be used for the CPU in order to process packets.

If we see overruns drops here then it means there are no buffers in the switch to forward this packets to the right port,

3) I already answered that on question 2, now this might be due to the case of oversubscription or micro-burst. You will need to determine how much traffic is crossing your network,

Remember to rate all of the helpful posts

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

iglablues
Level 1
Level 1
In response to Julio Carvajal

‎04-08-2013 09:06 AM

Thank you for your response.

I don't have any module in the ASA; not an IPS module nor a 4GE or anything else. It's just a base system. What does Internal-Data0/0 represent in that case? Or rather, what might overruns means in this case?

Regarding Internal-Data0/1, can you clarify what the buffer is in regards to? Like, in computer terms, is the buffer the actual RAM (the 512MB it comes with), or is this memory used by the CPU (like L1 cache or something)?

Would you be able to suggest a couple of commands for viewing the amount of traffic in the CLI? If I want to keep track of this for graphing purposes in troubleshooting the next time it happens, is there a way I can log that information?

Thanks again!

0 Helpful

iglablues
Level 1
Level 1
In response to iglablues

‎04-15-2013 06:49 PM

Any chance I can get an answer to my follow-up questions? If not the third one (the request for some helpful commands), then at least in regards to clearing up what Internal-Data0/0 means when I don't have any modules installed at all? If an explanation here is not reasonable, maybe a pointer to an article/website that explains these things? It's not like I haven't searched the actual ASA documentation site; I just haven't found anything that explains it.

0 Helpful

rockygandham
Level 1
Level 1
In response to Julio Carvajal

‎06-18-2016 12:10 AM

I have also got few doubts on these ports . My question , will be there be any possibilities for these ports go down unless the physical link goes down ?

Whats the possible issue on data traffic or will be there any production traffic drops etc ?

I am seeing one of Data port as Up/Down status. What this port down will cause ?

Internal-Control0/0        127.0.1.1       YES unset  up                    up
Internal-Data0/0           unassigned      YES unset  up                    down
Internal-Data0/1           unassigned      YES unset  up                    up
Internal-Data0/2           unassigned      YES unset  up                    up
Management0/0              192.168.1.1     YES CONFIG down                  down

ASA# sh interface detail | b Internal-Data0/0
Interface Internal-Data0/0 "asa_mgmt_plane", is up, line protocol is down
  Hardware is i82574L rev00, BW 1000 Mbps, DLY 10 usec
        Input flow control is unsupported, output flow control is off
        MAC address 88f0.3127.2dd4, MTU not set
        IP address unassigned

0 Helpful

cuongtlam
Level 1
Level 1

‎05-14-2014 06:50 AM

I get the same problem and I am running the ASA 5585-x. What was the solution?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card