cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
10425
Views
0
Helpful
4
Replies

errors in interface Internal-Data0/0

Christian Jorge
Level 1
Level 1

Good afternoon

I tried to find in Internet something related to this, but found nothing relevant

I'm receiveing alerts regarding errors in Interface Internal-Data0/0 of firewall ASA. Errors are increasing and all of them regarding overrun

My questions:

1 - Which kind of interface is that?....The only thing I could find is that is a kind of interface to connect to some firewall module. We don't use any module regarding IPS for example.

2 - Which kind of errors is that?.... What's the possible reason or cause?

Follow the relevant configuration below:

brhofwf01per/act# show int detail | b Internal-Data0/0

Interface Internal-Data0/0 "", is up, line protocol is up

  Hardware is i82547GI rev00, BW 1000 Mbps, DLY 10 usec

        (Full-duplex), (1000 Mbps)

        Input flow control is unsupported, output flow control is off

        MAC address 0000.0001.0002, MTU not set

        IP address unassigned

        18223504682 packets input, 7593643356446 bytes, 0 no buffer

        Received 6321093 broadcasts, 0 runts, 0 giants

        4101 input errors, 0 CRC, 0 frame, 4101 overrun, 0 ignored, 0 abort

        0 pause input, 0 resume input

        0 L2 decode drops, 0 demux drops

        20613129289 packets output, 15036177694628 bytes, 0 underruns

        0 pause output, 0 resume output

        0 output errors, 0 collisions, 0 interface resets

        0 late collisions, 0 deferred

        0 input reset drops, 0 output reset drops

        input queue (blocks free curr/low): hardware (255/230)

        output queue (blocks free curr/low): hardware (255/14)

  Control Point Interface States:

        Interface number is 8

        Interface config status is active

        Interface state is active

---------------------------------------------------------------------------------------------------------------

brhofwf01per/act# show module

Mod Card Type                                    Model              Serial No.

--- -------------------------------------------- ------------------ -----------

  0 ASA 5550 Adaptive Security Appliance         ASA5550            JMX1502L0T1

  1 SSM-4GE Included with ASA 5550 System        SSM-4GE-INC        JAF1452ASJJ

Mod MAC Address Range                 Hw Version   Fw Version   Sw Version

--- --------------------------------- ------------ ------------ ---------------

  0 f866.f24d.06e8 to f866.f24d.06ec  2.0          1.0(11)5     8.2(5)26

  1 e05f.b92d.e8a7 to e05f.b92d.e8aa  1.0          1.0(0)8      1.0(0)10

Mod SSM Application Name           Status           SSM Application Version

--- ------------------------------ ---------------- --------------------------

Mod Status             Data Plane Status     Compatibility

--- ------------------ --------------------- -------------

  0 Up Sys             Not Applicable

  1 Up                 Up

----------------------------------------------------------------------------------------------------------------------

brhofwf01per/act# show int ip br

Interface                  IP-Address      OK? Method Status                Protocol

GigabitEthernet0/0         unassigned      YES unset  up                    up

GigabitEthernet0/0.20      200.142.207.164 YES CONFIG up                    up

GigabitEthernet0/1         unassigned      YES unset  up                    up

GigabitEthernet0/1.130     172.17.7.1      YES CONFIG up                    up

GigabitEthernet0/2         unassigned      YES unset  up                    up

GigabitEthernet0/2.160     172.17.11.1     YES CONFIG up                    up

GigabitEthernet0/3         unassigned      YES unset  up                    up

GigabitEthernet0/3.140     172.17.8.1      YES CONFIG up                    up

Internal-Data0/0           unassigned      YES unset  up                    up

Management0/0              unassigned      YES unset  administratively down up

GigabitEthernet1/0         unassigned      YES unset  up                    up

GigabitEthernet1/0.150     172.17.10.1     YES CONFIG up                    up

GigabitEthernet1/0.165     200.142.207.185 YES CONFIG up                    up

GigabitEthernet1/0.170     172.17.12.1     YES CONFIG up                    up

GigabitEthernet1/1         unassigned      YES unset  up                    up

GigabitEthernet1/2         unassigned      YES unset  up                    up

GigabitEthernet1/2.905     172.16.253.3    YES CONFIG up                    up

GigabitEthernet1/3         unassigned      YES unset  up                    up

GigabitEthernet1/3.900     192.0.0.2       YES unset  up                    up

GigabitEthernet1/3.901     192.0.0.6       YES unset  up                    up

Internal-Data1/0           unassigned      YES unset  up                    up

4 Replies 4

Jennifer Halim
Cisco Employee
Cisco Employee

1 - That interface is the interface that connects that ASA to the SSM-4GE-INC card.

2 - Overruns on this interface means that packets were dropped because there  are no buffers in the switch to forward them to the outgoing port. If the counter increases significatnly that means that the SSM-4GE-INC card might be overloaded or oversubscribed as you might have lots of traffic going through those card. However, if the counter increases slowly and you don't see any real production issue, then it should be allright, just have to monitor it a little closer.

About oversubscription, may I suppose that all traffic coming from Gigabit interfaces in SSM-4GE-INC card is more than supported by the card bus (interface Internal-Data)?

Absolutely correct.

Hi Christian,

You can check if the Slot 1 is oversubscribed by checking the show traffic command and at the end you will see the Disctribution of traffic between Slot 0 & 1.

If that is the issue , you can check this:-

http://www.cisco.com/en/US/docs/security/asa/quick_start/5500/5500_quick_start.html#wp35995

Hope this helps.

Vibhor

Review Cisco Networking for a $25 gift card