02-03-2014 01:42 AM - edited 03-11-2019 08:39 PM
How do i check and monitor the banwidth on ASA 5510/5520? HELP PLLEASE
How do i check how much bandwidth i am getting from ISP?
Customers are complaining that there internet is running slow?
FW01# show interface ip brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 x.x.x.x(public ip) YES CONFIG up up
Ethernet0/1 192.168.50.254 YES CONFIG up up
Ethernet0/2 10.10.10.254 YES CONFIG up up
Ethernet0/3 10.10.50.254 YES CONFIG up up
Management0/0 217.150.110.187 YES CONFIG down down
show interface ethernet 0/0
Interface Ethernet0/0 "outside", is up, line protocol is up
Hardware is i82546GB rev03,
BW 1000 Mbps, DLY 10 usec
Auto-Duplex(Full-duplex), Auto-Speed(1000 Mbps)
MAC address 503d.e582.ea8c, MTU 1500
IP address x.x.x.x, subnet mask 255.255.255.248
264764862 packets input, 248853547927 bytes, 0 no buffer
Received 194889 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 L2 decode drops
218860466 packets output, 29784742938 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 late collisions, 0 deferred
0 input reset drops, 0 output reset drops, 0 tx hangs
input queue (blocks free curr/low): hardware (255/230)
output queue (blocks free curr/low): hardware (255/229)
Traffic Statistics for "outside":
264764862 packets input, 243922605791 bytes
218860466 packets output, 24885425535 bytes
135924 packets dropped
1 minute input rate 22 pkts/sec, 4617 bytes/sec
1 minute output rate 25 pkts/sec, 6004 bytes/sec
1 minute drop rate, 0 pkts/sec
5 minute input rate 68 pkts/sec, 61484 bytes/sec
5 minute output rate 57 pkts/sec, 10495 bytes/sec
5 minute drop rate, 0 pkts/sec
Customer has 10 MB line why does it say BW 1000 mbps ?????????
Ethernet0/1:
received (in 2004008.264 secs):
523865942 packets 105549749479 bytes
2 pkts/sec 52000 bytes/sec
transmitted (in 2004008.264 secs):
692129216 packets 340991133323 bytes
0 pkts/sec 170000 bytes/sec
1 minute input rate 300 pkts/sec, 32903 bytes/sec
1 minute output rate 454 pkts/sec, 323929 bytes/sec
1 minute drop rate, 0 pkts/sec
5 minute input rate 409 pkts/sec, 41888 bytes/sec
5 minute output rate 663 pkts/sec, 500774 bytes/sec
5 minute drop rate, 0 pkts/sec
what can i tell from show traffic command ?
What are the tools i need to monitor the link ?
Solved! Go to Solution.
02-03-2014 08:09 AM
Hi,
To monitor bandwidth usage - You need management software like SNMP management s/w or MRTG or PRTG. Solarwinds is one of most widely used SNMP management software. MRTG or PRTG you may need some software side knowledge (search online for more information). You can also use 'Netflow' but that give traffic stats (who is going where etc).
As test, you can do speedtest (goto speedtest.net) and see how much download/upload speeds you are getting from ISP.
If you are providing services to customers, you need to look into 'cap' the bandwidth usage to the customer.
Customer has 10 MB line why does it say BW 1000 mbps --> ASA connected to a swtich or other hand off device and auto negotiating speed and duplex. The other end left at 1000 hence ASA negotiated at 1000. That does not mean you are getting 1000meg speed. your ISP definitely 'cap' the bandwdth assigned to you.
hth
MS
02-03-2014 03:08 AM
Hi,
You can use ASDM to monitor the traffic.
Thanks
Mohammed
02-03-2014 08:09 AM
Hi,
To monitor bandwidth usage - You need management software like SNMP management s/w or MRTG or PRTG. Solarwinds is one of most widely used SNMP management software. MRTG or PRTG you may need some software side knowledge (search online for more information). You can also use 'Netflow' but that give traffic stats (who is going where etc).
As test, you can do speedtest (goto speedtest.net) and see how much download/upload speeds you are getting from ISP.
If you are providing services to customers, you need to look into 'cap' the bandwidth usage to the customer.
Customer has 10 MB line why does it say BW 1000 mbps --> ASA connected to a swtich or other hand off device and auto negotiating speed and duplex. The other end left at 1000 hence ASA negotiated at 1000. That does not mean you are getting 1000meg speed. your ISP definitely 'cap' the bandwdth assigned to you.
hth
MS
02-04-2014 09:58 AM
For my situation, one the most helpful thing has been watching dropped packet counts. Instantaneous bandwidth demands can be much higher than rates averaged over several minutes, and it's too expensive to sample fast enough to see the problems in real-time. If the ASA is showing overruns or underruns, you may need a faster ASA or simpler configuration. If the device, typically a switch, connected to your ISP uplink is showing dropped packets, you may need a bigger pipe, or QoS rate-limiting.
-- Jim Leinweber, WI State Lab of Hygiene
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide