From: Brown, Patrick (NSOC-OCF} (PBrown4@chartercom.com)
Date: Tue Aug 26 2003 - 18:14:21 GMT-3
George,
What is the model of your PIX?
What is your upstream internet border routers platform?
What ports/protocols are you blocking?
You are most likely getting pounded by ICMP traffic on the pix. If you have
a 7200 or better upstream border router with 40% or less cpu, rate-limit
ICMP or totally block there. If you have a fat subnet(/22 /21 /23 /etc..)
attached to your box, it will be arping for every IP that is scanned/ping in
this range. Note: Your Arp Input process will be high. <-- blocking all ICMP
or just echo-reply will help with this.
Reply with info!
Thanks,
Patrick B
-----Original Message-----
From: George Gittins [mailto:g.gittins@edinburg.esc1.net]
Sent: Tuesday, August 26, 2003 3:53 PM
To: ccielab@groupstudy.com
Subject: Pix responding slow
I put a couple of access-list on the pix to stop the blaster worm and I
noticed that internet is being awful slow, plus my pix is responding
very slow
George Gittins
Network Maintenance Supervisor
ECISD
This archive was generated by hypermail 2.1.4 : Tue Sep 02 2003 - 18:54:07 GMT-3