1. Home
  2. Cisco Systems
  3. Pix 525 running 7.1(1) dropping packets

Pix 525 running 7.1(1) dropping packets

I recently upgraded to 7.1(1) on the pix 525 and have this problem that every 4-5 days or so the firewall starts dropping packets, internet access is slow or non-existant. I use the blue cisco cable to establish a serial connection to the firewall, and am either not able to ping hosts at all, or I get a 20%-40% success rate when trying to ping. Whether I ping the outside router, inside hosts, or dmz hosts, its the same result. If I reboot the system, then seems to fix the problem completely (until the next time, when it starts all over again). I am not running any logging on the server, so its not a question of the flash filling up.

Has anyone else had this problem ?

Reply to
networksecurity
Loading thread data ...

I recently upgraded to 7.1(1) on the pix 525 and have this problem that every 4-5 days or so the firewall starts dropping packets, internet access is slow or non-existant. I use the blue cisco cable to establish a serial connection to the firewall, and am either not able to ping hosts at all, or I get a 20%-40% success rate when trying to ping. Whether I ping the outside router, inside hosts, or dmz hosts, its the same result. If I reboot the system, then seems to fix the problem completely (until the next time, when it starts all over again). I am not running any logging on the server, so its not a question of the flash filling up.

Has anyone else had this problem ?

Reply to
networksecurity

I recently upgraded to 7.1(1) on the pix 525 and have this problem that every 4-5 days or so the firewall starts dropping packets, internet access is slow or non-existant. I use the blue cisco cable to establish a serial connection to the firewall, and am either not able to ping hosts at all, or I get a 20%-40% success rate when trying to ping. Whether I ping the outside router, inside hosts, or dmz hosts, its the same result. If I reboot the system, then seems to fix the problem completely (until the next time, when it starts all over again). I am not running any logging on the server, so its not a question of the flash filling up.

Has anyone else had this problem ?

Reply to
networksecurity

I would be interested to know whether "clear xlate" or "clear local" affected the situation?

But RAM might get fragmented. Try "show mem" -- in 6.x anyhow, that shows the number of entries in each of the size pools. Normally the values are nice an pyramidal, but when things go worng [at least in 6.x] the numbers invert. I don't have a sample to show you, but when you've seen it once you'd recognize it again.

Reply to
Walter Roberson

Actually I think this is the problem, show mem, shows the used memory steadily increasing. At the rate its going, it seems like it will overflow in about 4-5 days. This seems to be a memory leak -

Do you know if upgrading to 7.1(2) is supposed to resolve this. I didnt upgrade to 7.1(2) because of reported problems of the inside interface dropping packets actually.

Reply to
networksecurity

Sorry, I don't know that. You could try looking through the bug lists in the 7.1(2) release notes.

Reply to
Walter Roberson

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.