We have several VLANs on the network, and some devices on the management VLAN are experiencing significant packet loss.

I suspect there might be an issue with the firewall pair. When I checked the interface for the management VLAN, I noticed traffic on both the active and standby firewalls, which is unusual. There was a noticeable drop on the standby firewall for this interface.

I performed a failover on the firewall pair, and the issue was resolved. I did a second failover, but the issue did not reoccur, so I haven’t been able to replicate it.

The issue typically reappears every few days. Do you have any suggestions for troubleshooting this further?

active
roc-main-fw# show int e1/2
Interface Ethernet1/2 "iom-oob-a-pr", is up, line protocol is up
Hardware is EtherSVI, BW 1000 Mbps, DLY 10 usec
MAC address 2cf8.9b36.27dd, MTU 1500
IP address 10.105.43.129, subnet mask 255.255.255.128
Traffic Statistics for "iom-oob-a-pr":
1877332343 packets input, 212094444050 bytes
5671350734 packets output, 423783292277 bytes
1274620605 packets dropped
1 minute input rate 282 pkts/sec, 79104 bytes/sec
1 minute output rate 15177 pkts/sec, 883967 bytes/sec
1 minute drop rate, 3 pkts/sec
5 minute input rate 271 pkts/sec, 80664 bytes/sec
5 minute output rate 15308 pkts/sec, 890345 bytes/sec
5 minute drop rate, 2 pkts/sec
rctc-roc-pri-fw1#



standby
roc-main-fw# show int e1/2
Interface Ethernet1/2 "iom-oob-a-pr", is up, line protocol is up
Hardware is EtherSVI, BW 1000 Mbps, DLY 10 usec
MAC address 2cf8.9b4a.c53d, MTU 1500
IP address 10.105.43.130, subnet mask 255.255.255.128
Traffic Statistics for "iom-oob-a-pr":
5527226445 packets input, 345580963598 bytes
15449576 packets output, 9376051162 bytes
5470754926 packets dropped
1 minute input rate 15048 pkts/sec, 872947 bytes/sec
1 minute output rate 0 pkts/sec, 13 bytes/sec
1 minute drop rate, 15047 pkts/sec
5 minute input rate 15050 pkts/sec, 873041 bytes/sec
5 minute output rate 0 pkts/sec, 13 bytes/sec
5 minute drop rate, 15049 pkts/sec
rctc-roc-pri-fw1#