Solved: Traffic Delay ASA 5510

Rafael Mendes · ‎03-12-2013

Hello Everyone,

I Have a enviorment below:

Core Internal Network -> Cisco ASA 5510 -> DMZ Switch

Example: If i send a ping reguest from internal network to servers in DMZ Switch over the ASA 5510, i can see a delay in response, some times this delay can be more than 80ms, this is a problem for the web applications in http traffic.

How i can find what's happening on my ASA? I disable the inspect traffic over the IPS, disable the policy maps below, reload the two boxes, but doesn't works, the problem still persists.

policy-map Security

class TCP_Normalization_CM

set connection advanced-options Normalization

class Connection_Limits_CM

set connection conn-max 10000 embryonic-conn-max 3000

Can help me?

Tks a lot.

Rafael Mendes · ‎03-13-2013

Hi,

Problem solved.

A NLB configuration in Unicast mode flooding my vlan witch broadcast packets, we move the configuration for use multicast and now its working fine.

Tks!

View solution in original post

jocamare · ‎03-12-2013

Have you tested the ICMP response times between two directly connected devices to the ASA?

SW1---ASA--SW2

like from SW1 to SW2?

Are there any reported issues with memory or CPU utilization?

What happens when you ping directly from the ASA?

Are there any erros on the ASA interfaces? "show interfaces" to confirm.

Rafael Mendes · ‎03-13-2013

Hi,

Problem solved.

A NLB configuration in Unicast mode flooding my vlan witch broadcast packets, we move the configuration for use multicast and now its working fine.

Tks!