Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco ASA 5510 Adaptive Security Appliance
  5. Leaflet

Cisco Cisco ASA 5510 Adaptive Security Appliance Leaflet

Download
Page of 1264
 
3-14
Cisco ASA Series 명령 참조 , S 명령
  
3      show as-path-access-list through show auto-update 명령              
  show asp drop
    This counter will increment when the appliance attempts to forward a layer-2 packet to 
a rate-limited control point service routine and the rate limit (per/second) is now being 
exceeded. Currently, the only layer-2 packets destined for a control point service routine 
which are rate limited are ARP packets. The ARP packet rate limit is 500 ARPs per second 
per interface.
Recommendation:
    Analyze your network traffic to determine the reason behind the high rate of ARP 
packets.
 Syslogs:
    322002, 322003 
----------------------------------------------------------------
Name: punt-no-mem
Punt no memory:
    This counter is incremented and the packet is dropped when there is no memory to 
create data structure for punting a packet to Control Point.
Recommendation:
    No action needs to be taken if this condition is transient. If this condition persists 
due to low memory, then system upgrade might be necessary.
Syslogs:
    None
----------------------------------------------------------------
Name: punt-queue-limit
Punt queue limit exceeded:
    This counter is incremented and the packet is dropped when punt queue limit is 
exceeded, an indication that a bottle-neck is forming at Control Point.
Recommendation:
    No action needs to be taken. This is a design limitation.
Syslogs:
    None
----------------------------------------------------------------
Name: flow-being-freed
Flow is being freed:
    This counter is incremented when the flow is being freed and all packets queued for 
inspection are dropped.
Recommendation:
    No action needs to be taken.
Syslogs:
    None
----------------------------------------------------------------
Name: invalid-encap
Invalid Encapsulation:
    This counter is incremented when the security appliance receives a frame belonging to 
an unsupported link-level protocol or if the L3type specified in the frame is not 
supported by the appliance. The packet is dropped.
Recommendation:
    Verify that directly connected hosts have proper link-level protocol settings.