03-27-2014 07:28 AM - edited 03-12-2019 06:06 PM
I have an interesting problem that I am looking for some advice on. I recently replaced an ASA5510 with an ASA5525 on site. The LAN interface on the ASA plugs into a linux transparent proxy server. Over the last few weeks since the ASA replacement, There have been 4 or 5 occasions where the internet drops on site for a few seconds (all connections lost). The ASA does NOT log an interface outage that I have seen, but the proxy server does:
09:00:52 Kernel [949334.379969] igb: ethD NIC Link is Down |
09:00:52 Kernel [949334.380911] brCD: port 2(ethD) entering forwarding state |
09:00:54 Kernel [949336.450178] igb: ethD NIC Link is Up 10 Mbps Full Duplex, Flow Control: RX/TX |
09:00:54 Kernel [949336.450561] brCD: port 2(ethD) entering forwarding state |
09:00:54 Kernel [949336.450573] brCD: port 2(ethD) entering forwarding state |
09:00:55 Kernel [949336.989408] igb: ethD NIC Link is Down |
09:00:55 Kernel [949337.449254] brCD: port 2(ethD) entering forwarding state |
09:00:58 Kernel [949340.482199] igb: ethD NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX |
09:00:58 Kernel [949340.482442] brCD: port 2(ethD) entering forwarding state |
09:00:58 Kernel [949340.482446] brCD: port 2(ethD) entering forwarding state |
09:01:11 Kernel [949355.471201] brCD: port 2(ethD) entering forwarding state |
09:02:25 Kernel [949429.127280] igb: ethD NIC Link is Down |
09:02:25 Kernel [949429.127656] brCD: port 2(ethD) entering forwarding state |
09:02:29 Kernel [949432.999715] igb: ethD NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None |
09:02:29 Kernel [949432.999981] brCD: port 2(ethD) entering forwarding state |
09:02:29 Kernel [949432.999986] brCD: port 2(ethD) entering forwarding state |
09:02:44 Kernel [949447.988709] brCD: port 2(ethD) entering forwarding state
The auto negotiation of the 1Gbsp interface has some back and forth, but I cannot figure out what is causing the actual interface outage. There are no errors on the interface: sho inter gi 0/1
I seem to be chasing my tail quite a bit on it. Any advice would be greatly appreciated. |
03-27-2014 09:26 AM
If you are saying that the auto negotiation has some back and forth, perhaps it is better to set up the negotiation manually. Try setting the speed and duplex manually on both interfaces. Hopefully this can solve your issue.
HTH,
03-27-2014 10:23 AM
The autonegotiation going back and forth before settling on 1000/full sucks, but I cannot manually set the speed/duplex on the linux proxy server - its a limitation of the software. The proxy software vendor of course blames the ASA.
The difficult part is trying to figure out why the port is bouning at all, as nothing is being done to cause the short outages that occur relativly frequently. Patch cables have been replaced. Is there a creative debug or log anyone can thing of? Has anyone experienced similar issues?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide