04-13-2022 12:02 AM
Hi,
I am trying to figure out how to check new sessions per second in ASA for capacity planning.
I know that we can use show conn count to check the current connection, but I haven't found how to check new sessions per second.
Is there any way or command to do that?
Thanks,
Raditya P
Solved! Go to Solution.
04-13-2022 12:07 AM
try below :
ciscoasa# show conn count
0 in use, 8 most used
ciscoasa# show resource usage resource rate conns
Resource Current Peak Limit Denied Context
ciscoasa# show perfmon detail PERFMON STATS: Current Average Xlates 0/s 0/s Connections 0/s 0/s TCP Conns 0/s 0/s UDP Conns 0/s 0/s URL Access 0/s 0/s URL Server Req 0/s 0/s TCP Fixup 0/s 0/s TCP Intercept Established Conns 0/s 0/s TCP Intercept Attempts 0/s 0/s TCP Embryonic Conns Timeout 0/s 0/s HTTP Fixup 0/s 0/s FTP Fixup 0/s 0/s AAA Authen 0/s 0/s AAA Author 0/s 0/s AAA Account 0/s 0/s VALID CONNS RATE in TCP INTERCEPT: Current Average N/A 100.00% SETUP RATES: Connections for 1 minute = 0/s; 5 minutes = 0/s TCP Conns for 1 minute = 0/s; 5 minutes = 0/s UDP Conns for 1 minute = 0/s; 5 minutes = 0/s
04-13-2022 12:07 AM
try below :
ciscoasa# show conn count
0 in use, 8 most used
ciscoasa# show resource usage resource rate conns
Resource Current Peak Limit Denied Context
ciscoasa# show perfmon detail PERFMON STATS: Current Average Xlates 0/s 0/s Connections 0/s 0/s TCP Conns 0/s 0/s UDP Conns 0/s 0/s URL Access 0/s 0/s URL Server Req 0/s 0/s TCP Fixup 0/s 0/s TCP Intercept Established Conns 0/s 0/s TCP Intercept Attempts 0/s 0/s TCP Embryonic Conns Timeout 0/s 0/s HTTP Fixup 0/s 0/s FTP Fixup 0/s 0/s AAA Authen 0/s 0/s AAA Author 0/s 0/s AAA Account 0/s 0/s VALID CONNS RATE in TCP INTERCEPT: Current Average N/A 100.00% SETUP RATES: Connections for 1 minute = 0/s; 5 minutes = 0/s TCP Conns for 1 minute = 0/s; 5 minutes = 0/s UDP Conns for 1 minute = 0/s; 5 minutes = 0/s
04-13-2022 03:39 AM
Hi balaji.bandi,
Yes that works, thank you very much
But for the show perfmon detail, you need to do it from the context other than system
asa# show resource usage resource rate conns
Resource Current Peak Limit Denied Context
Conns [rate] 0 139 unlimited 0 admin
Conns [rate] 372 16607 unlimited 0 context1
Conns [rate] 3 337 unlimited 0 context2
asa/context1# show perfmon detail
Context: context1
PERFMON STATS: Current Average
Xlates 0/s 0/s
Connections 291/s 190/s
TCP Conns 233/s 133/s
UDP Conns 22/s 20/s
URL Access 0/s 0/s
URL Server Req 0/s 0/s
TCP Fixup 0/s 0/s
TCP Intercept Established Conns 0/s 0/s
TCP Intercept Attempts 0/s 0/s
TCP Embryonic Conns Timeout 0/s 1/s
FTP Fixup 0/s 0/s
AAA Authen 0/s 0/s
AAA Author 0/s 0/s
AAA Account 0/s 0/s
HTTP Fixup 0/s 0/s
VALID CONNS RATE in TCP INTERCEPT: Current Average
N/A N/A
SETUP RATES:
Connections for 1 minute = 264/s; 5 minutes = 551/s
TCP Conns for 1 minute = 207/s; 5 minutes = 493/s
UDP Conns for 1 minute = 22/s; 5 minutes = 22/s
04-13-2022 07:43 AM
yes if that is multi-context.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide