Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
10425
Views
0
Helpful
4
Replies

errors in interface Internal-Data0/0

Christian Jorge
Level 1
Level 1

‎03-07-2013 12:33 PM - edited ‎03-11-2019 06:11 PM

Good afternoon

I tried to find in Internet something related to this, but found nothing relevant

I'm receiveing alerts regarding errors in Interface Internal-Data0/0 of firewall ASA. Errors are increasing and all of them regarding overrun

My questions:

1 - Which kind of interface is that?....The only thing I could find is that is a kind of interface to connect to some firewall module. We don't use any module regarding IPS for example.

2 - Which kind of errors is that?.... What's the possible reason or cause?

Follow the relevant configuration below:

brhofwf01per/act# show int detail | b Internal-Data0/0

Interface Internal-Data0/0 "", is up, line protocol is up

  Hardware is i82547GI rev00, BW 1000 Mbps, DLY 10 usec

        (Full-duplex), (1000 Mbps)

        Input flow control is unsupported, output flow control is off

        MAC address 0000.0001.0002, MTU not set

        IP address unassigned

        18223504682 packets input, 7593643356446 bytes, 0 no buffer

        Received 6321093 broadcasts, 0 runts, 0 giants

        4101 input errors, 0 CRC, 0 frame, 4101 overrun, 0 ignored, 0 abort

        0 pause input, 0 resume input

        0 L2 decode drops, 0 demux drops

        20613129289 packets output, 15036177694628 bytes, 0 underruns

        0 pause output, 0 resume output

        0 output errors, 0 collisions, 0 interface resets

        0 late collisions, 0 deferred

        0 input reset drops, 0 output reset drops

        input queue (blocks free curr/low): hardware (255/230)

        output queue (blocks free curr/low): hardware (255/14)

  Control Point Interface States:

        Interface number is 8

        Interface config status is active

        Interface state is active

---------------------------------------------------------------------------------------------------------------

brhofwf01per/act# show module

Mod Card Type                                    Model              Serial No.

--- -------------------------------------------- ------------------ -----------

  0 ASA 5550 Adaptive Security Appliance         ASA5550            JMX1502L0T1

  1 SSM-4GE Included with ASA 5550 System        SSM-4GE-INC        JAF1452ASJJ

Mod MAC Address Range                 Hw Version   Fw Version   Sw Version

--- --------------------------------- ------------ ------------ ---------------

  0 f866.f24d.06e8 to f866.f24d.06ec  2.0          1.0(11)5     8.2(5)26

  1 e05f.b92d.e8a7 to e05f.b92d.e8aa  1.0          1.0(0)8      1.0(0)10

Mod SSM Application Name           Status           SSM Application Version

--- ------------------------------ ---------------- --------------------------

Mod Status             Data Plane Status     Compatibility

--- ------------------ --------------------- -------------

  0 Up Sys             Not Applicable

  1 Up                 Up

----------------------------------------------------------------------------------------------------------------------

brhofwf01per/act# show int ip br

Interface                  IP-Address      OK? Method Status                Protocol

GigabitEthernet0/0         unassigned      YES unset  up                    up

GigabitEthernet0/0.20      200.142.207.164 YES CONFIG up                    up

GigabitEthernet0/1         unassigned      YES unset  up                    up

GigabitEthernet0/1.130     172.17.7.1      YES CONFIG up                    up

GigabitEthernet0/2         unassigned      YES unset  up                    up

GigabitEthernet0/2.160     172.17.11.1     YES CONFIG up                    up

GigabitEthernet0/3         unassigned      YES unset  up                    up

GigabitEthernet0/3.140     172.17.8.1      YES CONFIG up                    up

Internal-Data0/0           unassigned      YES unset  up                    up

Management0/0              unassigned      YES unset  administratively down up

GigabitEthernet1/0         unassigned      YES unset  up                    up

GigabitEthernet1/0.150     172.17.10.1     YES CONFIG up                    up

GigabitEthernet1/0.165     200.142.207.185 YES CONFIG up                    up

GigabitEthernet1/0.170     172.17.12.1     YES CONFIG up                    up

GigabitEthernet1/1         unassigned      YES unset  up                    up

GigabitEthernet1/2         unassigned      YES unset  up                    up

GigabitEthernet1/2.905     172.16.253.3    YES CONFIG up                    up

GigabitEthernet1/3         unassigned      YES unset  up                    up

GigabitEthernet1/3.900     192.0.0.2       YES unset  up                    up

GigabitEthernet1/3.901     192.0.0.6       YES unset  up                    up

Internal-Data1/0           unassigned      YES unset  up                    up

1 person had this problem
Labels:
0 Helpful
4 Replies 4

Jennifer Halim
Cisco Employee
Cisco Employee

‎03-07-2013 01:57 PM

1 - That interface is the interface that connects that ASA to the SSM-4GE-INC card.

2 - Overruns on this interface means that packets were dropped because there  are no buffers in the switch to forward them to the outgoing port. If the counter increases significatnly that means that the SSM-4GE-INC card might be overloaded or oversubscribed as you might have lots of traffic going through those card. However, if the counter increases slowly and you don't see any real production issue, then it should be allright, just have to monitor it a little closer.

0 Helpful

Christian Jorge
Level 1
Level 1
In response to Jennifer Halim

‎03-14-2013 06:49 AM

About oversubscription, may I suppose that all traffic coming from Gigabit interfaces in SSM-4GE-INC card is more than supported by the card bus (interface Internal-Data)?

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to Christian Jorge

‎03-14-2013 06:51 AM

Absolutely correct.

0 Helpful

Vibhor Amrodia
Cisco Employee
Cisco Employee
In response to Jennifer Halim

‎04-07-2013 09:55 AM

Hi Christian,

You can check if the Slot 1 is oversubscribed by checking the show traffic command and at the end you will see the Disctribution of traffic between Slot 0 & 1.

If that is the issue , you can check this:-

http://www.cisco.com/en/US/docs/security/asa/quick_start/5500/5500_quick_start.html#wp35995

Hope this helps.

Vibhor

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card