Manualsbrain.com
  1. Handbücher
  2. Marken
  3. Cisco
  4. Cisco ASA 5510 Adaptive Security Appliance
  5. Merkblatt

Cisco Cisco ASA 5510 Adaptive Security Appliance Merkblatt

Download
Seite von 1264
 
3-39
Cisco ASA Series 명령 참조, S 명령      
 
3      show as-path-access-list through show auto-update 명령
  show asp drop    
Syslogs:
    None
----------------------------------------------------------------
Name: fragment-reassembly-failed
Fragment reassembly failed:
    This counter is incremented when the appliance fails to reassemble a chain of 
fragmented packets into a single packet. All the fragment packets in the chain are 
dropped. This is most probably because of failure while allocating memory for the 
reassembled packet.
Recommendation:
    Use the show blocks command to monitor the current block memory.
Syslogs:
    None
----------------------------------------------------------------
Name: ifc-classify
Virtual firewall classification failed:
    A packet arrived on a shared interface, but failed to classify to any specific context 
interface.
Recommendation:
    For software versions without customizable mac-address support, use the "global" or 
"static" command to specify the IPv4 addresses that belong to each context interface.  For 
software versions with customizable mac-address support, enable "mac-address auto" in 
system context.  Alternatively, configure unique MAC addresses for each context interfaces 
residing over a shared interface with "mac-address" command under each context interface 
submode.
Syslogs:
    None.
----------------------------------------------------------------
Name: connection-lock
Connection locking failed:
    While the packet was waiting for processing, the flow that would be usedwas destroyed.
Recommendation:
    The message could occur from user interface command to remove connection in an device 
that is actively processing packet.  Otherwise, investigate flow drop counter.  This 
message may occur if the flow are forced dropped from error.
Syslogs:
    None.
----------------------------------------------------------------
Name: interface-down
Interface is down:
    This counter will increment for each packet received on an interface that is shutdown 
via the 'shutdown' interface sub-mode command. For ingress traffic, the packet is dropped 
after security context classification and if the interface associated with the context is 
shut down. For egress traffic, the packet is dropped when the egress interface is shut 
down.
Recommendation:
    No action required.