Re: FWSM drop packets after change from single to multi context

hoffa2000 · ‎12-06-2006

Hello all

A few days ago I changed the mode of our FWSM 3.1 from single mode to multicontext. I created one context, made it admin, and configured it with the same config as the FWSM had as a single mode. Everything seems to work fine, packets are forwarded as before through the interfaces

The problem is that after the mode change the context in use is reporting a large amount of dropped packets on all interfaces.

Example: Traffic Statistics for "INTERNET":

364 packets input, 51877 bytes

279 packets output, 327922 bytes

150 packets dropped

Nothing out of the ordinary is shown in any logs and all pings to and from the different interfaces are 100%.

Is this part of the multicontext/classifier process or is this a sign of an error?

Regards

Fredrik Hofgren

jgervia_2 · ‎12-06-2006

Hello,

The 'show interface' commands in a context shows packets dropped by policy (access list, implied drops, broadcast packet drops) - not packets dropped because of interface errors.

If you want to see the interface errors, you have to change to the system context using a 'ch con system' and do a 'show interface' there.

--Jason

Please rate this message if it helped solve some or all of your issue/question.

hoffa2000 · ‎12-07-2006

Thats interesting. Because my connected vlans and the traffic on them has not changed. We use Solarwinds Orio to monitor our Cisco equipment. If it's true what you say, then the OID that Solarwinds access on the single context FWSM to retrieve dropped packets due to interface errors has changed meaning and in a multicontext FWSM show the number of packets dropped by policy. This render the indicator useless in my perspective, especially since I can't find a way to change the OID in Solarwinds