Solved: Sh resource usage output ---hosts and connections

mahesh18 · ‎05-28-2013

Hi Everyone,

When i do sh resource usage on firewall it shows

Hosts 800.

Connections 5000

Need to understand what is difference between these 2?

Thanks

Mahesh

Julio Carvajal · ‎05-28-2013

Hello Mahesh,

Host : Amount of host that are sending traffic across the ASA

Connections: Total amount of connections being built between the hosts.

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

Jouni Forss · ‎05-28-2013

Hi,

From what the documentation tells is would seem that they refer to the following

conns — TCP or UDP connections between any two hosts, including connections between one host and multiple other hosts.
hosts — Hosts that can connect through the ASA.

Source:

http://www.cisco.com/en/US/docs/security/asa/asa84/command/reference/s4.html#wp1527546

With regards to the "conns" it should tell you the amount of connections on the ASAs connection table currently and it should also mention the peak value of the amount of connections the ASA has had in its connection table.

I am not sure if the "hosts" field refers to the amount of unique hosts connecting through the firewall or the licensed limit of hosts allowed by the firewall. To be honest it doesnt seem to match either on my own firewall for example which is still a 10 user limit ASA5505.

- Jouni

View solution in original post

Jouni Forss · ‎05-28-2013

Hi,

It would seem to refer to a unique host that has a connection through the ASA (whether it was connected to or that host was the one initiating connection) since for example my ASA has a 10 user limit on it and my "show resource usage" output showed 52 hosts.

- Jouni

View solution in original post

SIMMN · ‎05-28-2013

Just consider the Connection# as Session#.

My understanding of the Hosts: the device initiated the connection cross ASA.

View solution in original post

Julio Carvajal · ‎05-28-2013

Hello Mahesh,

Host : Amount of host that are sending traffic across the ASA

Connections: Total amount of connections being built between the hosts.

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Jouni Forss · ‎05-28-2013

Hi,

From what the documentation tells is would seem that they refer to the following

conns — TCP or UDP connections between any two hosts, including connections between one host and multiple other hosts.
hosts — Hosts that can connect through the ASA.

Source:

http://www.cisco.com/en/US/docs/security/asa/asa84/command/reference/s4.html#wp1527546

With regards to the "conns" it should tell you the amount of connections on the ASAs connection table currently and it should also mention the peak value of the amount of connections the ASA has had in its connection table.

I am not sure if the "hosts" field refers to the amount of unique hosts connecting through the firewall or the licensed limit of hosts allowed by the firewall. To be honest it doesnt seem to match either on my own firewall for example which is still a 10 user limit ASA5505.

- Jouni

mahesh18 · ‎05-28-2013

Hi jouni,

When we say hosts — Hosts that can connect through the ASA.

Does this mean that say we have user on outside of ASA and and he want to connect to DMZ server.

So this User from Outside is considered as a Host? as his traffic is passing through the ASA?

Regards

Mahesh

Jouni Forss · ‎05-28-2013

Hi,

It would seem to refer to a unique host that has a connection through the ASA (whether it was connected to or that host was the one initiating connection) since for example my ASA has a 10 user limit on it and my "show resource usage" output showed 52 hosts.

- Jouni

SIMMN · ‎05-28-2013

Just consider the Connection# as Session#.

My understanding of the Hosts: the device initiated the connection cross ASA.

mahesh18 · ‎05-29-2013

Hi Everyone,

Many thanks for answering the question

Regards

Mahesh