× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Ok... update time... here are the interface stats on the PIX from this
morning since clearing them yesterday... i'm seeing the input errors more
on the inside interface than the DMZ... should I be suspecting that
instead?  I still see some runts on the DMZ also, though...

Result of firewall command: "show interface"

interface ethernet0 "outside" is up, line protocol is up
  Hardware is i82559 ethernet, address is 0005.328f.cf66
  IP address 12.161.209.241, subnet mask 255.255.255.248
  MTU 1500 bytes, BW 100000 Kbit full duplex
      253378 packets input, 184274615 bytes, 0 no buffer
      Received 112 broadcasts, 0 runts, 0 giants
      151 input errors, 97 CRC, 54 frame, 0 overrun, 97 ignored, 0 abort
      231092 packets output, 69124183 bytes, 0 underruns
      0 output errors, 0 collisions, 0 interface resets
      0 babbles, 0 late collisions, 0 deferred
      0 lost carrier, 0 no carrier
      input queue (curr/max blocks): hardware (128/128) software (0/5)
      output queue (curr/max blocks): hardware (0/37) software (0/4)
interface ethernet1 "inside" is up, line protocol is up
  Hardware is i82559 ethernet, address is 0005.328f.cf67
  IP address 172.17.1.25, subnet mask 255.255.0.0
  MTU 1500 bytes, BW 100000 Kbit full duplex
      559103 packets input, 117982246 bytes, 0 no buffer
      Received 99499 broadcasts, 1048 runts, 0 giants
      1875 input errors, 955 CRC, 920 frame, 0 overrun, 955 ignored, 0
abort
      617775 packets output, 427740103 bytes, 0 underruns
      0 output errors, 0 collisions, 0 interface resets
      0 babbles, 0 late collisions, 0 deferred
      0 lost carrier, 0 no carrier
      input queue (curr/max blocks): hardware (128/128) software (0/38)
      output queue (curr/max blocks): hardware (1/35) software (0/4)
interface ethernet2 "dmz" is up, line protocol is up
  Hardware is i82559 ethernet, address is 0002.b33d.3be0
  IP address 172.18.1.25, subnet mask 255.255.255.0
  MTU 1500 bytes, BW 100000 Kbit full duplex
      453436 packets input, 284576767 bytes, 0 no buffer
      Received 3269 broadcasts, 679 runts, 0 giants
      27 input errors, 15 CRC, 12 frame, 0 overrun, 15 ignored, 0 abort
      333512 packets output, 94196932 bytes, 0 underruns
      0 output errors, 0 collisions, 0 interface resets
      0 babbles, 0 late collisions, 0 deferred
      0 lost carrier, 0 no carrier
      input queue (curr/max blocks): hardware (128/128) software (0/12)
      output queue (curr/max blocks): hardware (0/8) software (0/2)
interface ethernet3 "dmz1" is up, line protocol is up
  Hardware is i82558 ethernet, address is 00e0.b604.f78b
  IP address 10.0.0.25, subnet mask 255.255.255.0
  MTU 1500 bytes, BW 100000 Kbit full duplex
      98743 packets input, 26035505 bytes, 0 no buffer
      Received 90331 broadcasts, 0 runts, 0 giants
      0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
      8236 packets output, 513548 bytes, 0 underruns
      0 output errors, 0 collisions, 0 interface resets
      0 babbles, 0 late collisions, 0 deferred
      0 lost carrier, 0 no carrier
      input queue (curr/max blocks): hardware (128/128) software (0/2)
      output queue (curr/max blocks): hardware (0/1) software (0/1)
interface ethernet4 "dmz2" is up, line protocol is up
  Hardware is i82558 ethernet, address is 00e0.b604.f78a
  IP address 172.19.1.25, subnet mask 255.255.255.0
  MTU 1500 bytes, BW 100000 Kbit full duplex
      3380 packets input, 226451 bytes, 0 no buffer
      Received 381 broadcasts, 0 runts, 0 giants
      0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
      10641 packets output, 838371 bytes, 0 underruns
      0 output errors, 0 collisions, 0 interface resets
      0 babbles, 0 late collisions, 0 deferred
      0 lost carrier, 0 no carrier
      input queue (curr/max blocks): hardware (128/128) software (0/1)
      output queue (curr/max blocks): hardware (0/3) software (0/1)
interface ethernet5 "intf5" is up, line protocol is up
  Hardware is i82558 ethernet, address is 00e0.b604.f789
  IP address 172.11.1.25, subnet mask 255.255.255.0
  MTU 1500 bytes, BW 100000 Kbit full duplex
      7732 packets input, 463920 bytes, 0 no buffer
      Received 0 broadcasts, 0 runts, 0 giants
      0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
      7712 packets output, 462720 bytes, 0 underruns
      0 output errors, 0 collisions, 0 interface resets
      0 babbles, 0 late collisions, 0 deferred
      0 lost carrier, 0 no carrier
      input queue (curr/max blocks): hardware (128/128) software (0/1)
      output queue (curr/max blocks): hardware (0/1) software (0/1)


                                                                           
             ChadB@wheeling-ni                                             
             sshin.com                                                     
             Sent by:                                                   To 
             midrange-l-bounce         Midrange Systems Technical          
             s@xxxxxxxxxxxx            Discussion                          
                                       <midrange-l@xxxxxxxxxxxx>           
                                                                        cc 
             11/28/2005 03:13                                              
             PM                                                    Subject 
                                       Re: FTP and file transfer speeds    
                                                                           
             Please respond to                                             
             Midrange Systems                                              
                 Technical                                                 
                Discussion                                                 
             <midrange-l@midra                                             
                 nge.com>                                                  
                                                                           
                                                                           





OK.  Just cleared the interface stats on the PIX and will see how they look
tomorrow.  I'll see how many of the input errors I end up with on the
various interfaces and then look at replacing the DMZ cables one by one to
see if the errors go away.  Thanks for the suggestions and i'll post the
results.



             Larry Bolhuis
             <lbolhuis@arbsol.
             com>                                                       To
             Sent by:                  Midrange Systems Technical
             midrange-l-bounce         Discussion
             s@xxxxxxxxxxxx            <midrange-l@xxxxxxxxxxxx>
                                                                        cc

             11/28/2005 02:22                                      Subject
             PM                        Re: FTP and file transfer speeds


             Please respond to
             Midrange Systems
                 Technical
                Discussion
             <midrange-l@midra
                 nge.com>






Yah that's high. Although a CLEAR COUNTERS will set everything back to 0
to see if those are new or old errors. I've got PIXs moving TB of data
with errors less than 1000 total and you are only in the MB range yet.
This is one reason why we typically avoid unmanaged equipment in the
data center - no way to get into it and see errors. The Netgear stuff
typically works but when it doesn't you have no idea if it's just a port
or something else. Try new cables first and use a different port in the
switch too. After the CLEAR COUNTERS see if the connection is better.

  - Larry

ChadB@xxxxxxxxxxxxxxxxxxxx wrote:
> I notice the input errors to a lesser extent on the other PIX interfaces,
> but it sounds like you're sure that's way high.  Our DMZ setup is the
> Netgear switch, a cable to the primary PIX, a cable to the failover PIX,
a
> cable to a model 520 5706 integrated ethernet port, and a cable to a
model
> 800 2849 ethernet port.
>
>
>

>              Larry Bolhuis

>              <lbolhuis@arbsol.

>              com>
To
>              Sent by:                  Midrange Systems Technical

>              midrange-l-bounce         Discussion

>              s@xxxxxxxxxxxx            <midrange-l@xxxxxxxxxxxx>

>
cc
>

>              11/28/2005 01:56
Subject
>              PM                        Re: FTP and file transfer speeds

>

>

>              Please respond to

>              Midrange Systems

>                  Technical

>                 Discussion

>              <midrange-l@midra

>                  nge.com>

>

>

>
>
>
>
> Chad,
>
>   Can't tell why just yet but this is your problem: (Snipped from the
> DMZ interface statistics)
>
>       Received 2900311 broadcasts, 124672 runts, 0 giants
>       3198558 input errors, 695102 CRC, 2502959 frame, 497 overrun,
695102
> ignored, 0 abort
>
>    What is the device on the DMZ side of the PIX? The connected between
> that device (hopefully another switch) and the PIX is not happy. Over 3
> million errors and since they are splattered amongst CRC, Frame,
> Overrun, and 'Ignored' it's likely a bad cable, bad port, or bad device
> on that end. It COULD be a bad PIX port but I've not had any of those
fail.
>
>    I'd start there!
>
>        - Larry
>>

--
Larry Bolhuis                   IBM eServer Certified Systems Expert:
Vice President                    iSeries Technical Solutions V5R3
Arbor Solutions, Inc.             iSeries LPAR Technical Solutions V5R3
1345 Monroe NW Suite 259          iSeries Linux Technical Solutions V5R3
Grand Rapids, MI 49505            iSeries Windows Integration Technical
Solutions V5R3
                                IBM eServer Certified Systems Specialist
(616) 451-2500                    iSeries System Administrator for
OS/400 V5R3
(616) 451-2571 - Fax              AS/400 RPG IV Developer
(616) 260-4746 - Cell             iSeries System Command Operations V5R2

  If you can read this, thank a teacher....and since it's in English,
thank a soldier.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


_____________________________________________________________________________


Scanned by IBM Email Security Management Services powered by MessageLabs.
For more information please visit http://www.ers.ibm.com
_____________________________________________________________________________



ForwardSourceID:NT00033642

_____________________________________________________________________________

Scanned by IBM Email Security Management Services powered by MessageLabs.
For more information please visit http://www.ers.ibm.com
_____________________________________________________________________________


_____________________________________________________________________________

Scanned by IBM Email Security Management Services powered by MessageLabs.
For more information please visit http://www.ers.ibm.com
_____________________________________________________________________________--

This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


ForwardSourceID:NT0003366A

_____________________________________________________________________________
Scanned by IBM Email Security Management Services powered by MessageLabs. For 
more information please visit http://www.ers.ibm.com
_____________________________________________________________________________

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.