Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
522
Views
0
Helpful
2
Replies

FWSM with packets dropped.

loyoung
Level 1
Level 1

‎06-10-2013 09:30 AM - last edited on ‎03-25-2019 05:51 PM by Community Manager

Hello there,

I happen to noticed the FWSM was dropping packets at about 387 packets every 5 minutes. My outside FWSM is WAN facing and has a 1gig link (35% utilized) my inside facing has about 100 downstream switches to the closets. I do not see my 6509's backplane is being overutilized and my understanding of the FWSM show be go for 5 gig so it isnt oversubscribe. Could anyone shed some light as to why i am seeing packets dropped? Thanks in advance, Lou             

UHNC-PMH3B-FC-4-10/core# sh int

Interface Vlan797 "inside", is up, line protocol is up

MAC address 001e.4a8d.e000, MTU 1500

IP address 10.4.250.13, subnet mask 255.255.255.248

Traffic Statistics for "inside":

1079420471136 packets input, 589161885542407 bytes

1033488169378 packets output, 378866554518173 bytes

110718353 packets dropped

Interface Vlan798 "outside", is up, line protocol is up

MAC address 001e.4a8d.e000, MTU 1500

IP address 10.4.250.13, subnet mask 255.255.255.248

Traffic Statistics for "outside":

1240876999557 packets input, 387021847377606 bytes

1251466088485 packets output, 537676532692150 bytes

121615732 packets dropped

Interface BVI1 "", is up, line protocol is up

Available but not configured via nameif

Labels:
0 Helpful
2 Replies 2

Jouni Forss
VIP Alumni
VIP Alumni

‎06-10-2013 09:45 AM

Hi,

Some of the output on the "show interface" output has always been a mystery to me when trying to find correct information.

I was however able to find the following explanation regards the "packets dropped" section of "show interface" command output

On the FWSM, the dropped counter will increment when the FWSM receives a  packet that is not destined for it (the Destination MAC address in the  packet is not the FWSM's MAC address).  This can happen when the switch  floods packets because of CAM table misses.  Additionally, the counter  will be incremented for CDP and VTP packets (as the FWSM does not  support these  protocols), and other multicast packets (assuming  multicast is not configured on the FWSM).  Also, IP broadcast packets  will be counted here.

I was imagening that it might be something like the above. I have witnessed the same in some Cisco routers which have switches behind them (doh!) which have services enabled that the Router is no supporting OR services that are not enabled on the router.

Hope this helps

- Jouni

0 Helpful

loyoung
Level 1
Level 1
In response to Jouni Forss

‎06-10-2013 09:53 AM

Thanks for the info Jouni.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card