Solved: Show current throughput on an ASA

ericdolton · ‎01-21-2010

What is the best way to measure the current throughput on an ASA? I'm guessing you can add all the bytes/sec up from a show interface but i am hoping there is a better way. I am running 8.x

vilaxmi · ‎01-21-2010

Hello,

The show traffic command lists the number of packets and bytes moving through through each interface since the last show traffic command was entered or since the security appliance came online. The number of seconds is the duration the security appliance has been online since the last reboot, unless the clear traffic command was entered since the last reboot. If this is the case, then the number of seconds is the duration since that command was entered. For the ASA 5550 adaptive security appliance, the show traffic command also shows the aggregated throughput per slot.

Also, another way could be to use netflow (8.2 +), and it can give you detailed throughput crossing the ASA.

HTH

Vijaya

View solution in original post

vilaxmi · ‎01-21-2010

Hello,

The show traffic command lists the number of packets and bytes moving through through each interface since the last show traffic command was entered or since the security appliance came online. The number of seconds is the duration the security appliance has been online since the last reboot, unless the clear traffic command was entered since the last reboot. If this is the case, then the number of seconds is the duration since that command was entered. For the ASA 5550 adaptive security appliance, the show traffic command also shows the aggregated throughput per slot.

Also, another way could be to use netflow (8.2 +), and it can give you detailed throughput crossing the ASA.

HTH

Vijaya

lchance · ‎02-02-2011

Vijaya,

Do you have any configuration examples for Netflow on the ASA?

We have a model 5540 sending netflow to a Solarwinds Netflow receiver, but there must be a record format issue. The ASA is our only device behaving this way. And I've confirmed these flow packets do reach this receiver but perhaps we missed something within our configuration of netflow on that ASA.

Chris Ingram · ‎01-26-2015

On the 5550, the aggregate throughput (shown at the bottom of the output) is shown for 1 minute. Is that a minute average (or the last minute) and why is it so different than the sum of bytes/sec for all of the physical interfaces listed above that output?

For example: I have a 5550 that shows 32 MBps throughput for slot 0 but when I add up the receive bytes alone for each physical interface I get 230 MBps

----------------------------------------
Per Slot Throughput Profile (1 minute)
----------------------------------------
Packets-per-second profile:
Slot 0: 44191 100%|**************************************************
Slot 1: 0 0%|

Bytes-per-second profile:
    Slot 0:   32085184 100%|**************************************************
    Slot 1:          0   0%|
CONTEXT-ASA5550-1/pri/act#
CONTEXT-ASA5550-1/pri/act#
CONTEXT-ASA5550-1/pri/act# show module

Mod Card Type                                    Model              Serial No.
--- -------------------------------------------- ------------------ -----------
0 ASA 5550 Adaptive Security Appliance         ASA5550
1 SSM-4GE Included with ASA 5550 System        SSM-4GE-INC

Mod MAC Address Range                 Hw Version   Fw Version   Sw Version
--- --------------------------------- ------------ ------------ ---------------
0 68ef.bdb1.49a4 to 68ef.bdb1.49a8 2.0          1.0(11)5     8.4(2)
1 5475.d04e.d1a6 to 5475.d04e.d1a9 1.0          1.0(0)8      1.0(0)10

Mod SSM Application Name Status SSM Application Version
--- ------------------------------ ---------------- --------------------------

Mod Status             Data Plane Status     Compatibility
--- ------------------ --------------------- -------------
0 Up Sys             Not Applicable
1 Up                 Up