05-28-2013 09:42 AM - edited 03-11-2019 06:50 PM
Hi Everyone,
When i do sh resource usage on firewall it shows
Hosts 800.
Connections 5000
Need to understand what is difference between these 2?
Thanks
Mahesh
Solved! Go to Solution.
05-28-2013 09:55 AM
Hello Mahesh,
Host : Amount of host that are sending traffic across the ASA
Connections: Total amount of connections being built between the hosts.
Regards
05-28-2013 09:55 AM
Hi,
From what the documentation tells is would seem that they refer to the following
Source:
http://www.cisco.com/en/US/docs/security/asa/asa84/command/reference/s4.html#wp1527546
With regards to the "conns" it should tell you the amount of connections on the ASAs connection table currently and it should also mention the peak value of the amount of connections the ASA has had in its connection table.
I am not sure if the "hosts" field refers to the amount of unique hosts connecting through the firewall or the licensed limit of hosts allowed by the firewall. To be honest it doesnt seem to match either on my own firewall for example which is still a 10 user limit ASA5505.
- Jouni
05-28-2013 10:23 AM
Hi,
It would seem to refer to a unique host that has a connection through the ASA (whether it was connected to or that host was the one initiating connection) since for example my ASA has a 10 user limit on it and my "show resource usage" output showed 52 hosts.
- Jouni
05-28-2013 10:25 AM
Just consider the Connection# as Session#.
My understanding of the Hosts: the device initiated the connection cross ASA.
05-28-2013 09:55 AM
Hello Mahesh,
Host : Amount of host that are sending traffic across the ASA
Connections: Total amount of connections being built between the hosts.
Regards
05-28-2013 09:55 AM
Hi,
From what the documentation tells is would seem that they refer to the following
Source:
http://www.cisco.com/en/US/docs/security/asa/asa84/command/reference/s4.html#wp1527546
With regards to the "conns" it should tell you the amount of connections on the ASAs connection table currently and it should also mention the peak value of the amount of connections the ASA has had in its connection table.
I am not sure if the "hosts" field refers to the amount of unique hosts connecting through the firewall or the licensed limit of hosts allowed by the firewall. To be honest it doesnt seem to match either on my own firewall for example which is still a 10 user limit ASA5505.
- Jouni
05-28-2013 10:20 AM
Hi jouni,
When we say hosts — Hosts that can connect through the ASA.
Does this mean that say we have user on outside of ASA and and he want to connect to DMZ server.
So this User from Outside is considered as a Host? as his traffic is passing through the ASA?
Regards
Mahesh
05-28-2013 10:23 AM
Hi,
It would seem to refer to a unique host that has a connection through the ASA (whether it was connected to or that host was the one initiating connection) since for example my ASA has a 10 user limit on it and my "show resource usage" output showed 52 hosts.
- Jouni
05-28-2013 10:25 AM
Just consider the Connection# as Session#.
My understanding of the Hosts: the device initiated the connection cross ASA.
05-29-2013 07:32 AM
Hi Everyone,
Many thanks for answering the question
Regards
Mahesh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide