Marc,
If this is a "feature" , Microsoft's software is this feature type prone
;-))
Regards,
PL Steinbruch
PS. Send this to BUGTRACK !
----- Original Message -----
From: Marc Renner <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, November 10, 1999 11:52 PM
Subject: Re: Does PIX suck?
> I've had the same problem, however I tracked the problem down. The PIX in
question was located in a computer room backed up by a huge battery backup
(enough to power the hole building). When battery backup tests were
performed, it cycled the power enogh to trip my PIX. I havent looked through
the documentation enough to determine if this is a bug or feature, however
when the current drops low enough I have to physically turn both the router
AND PIX off and back on again to reestablish the circuit.
>
>
> hope this helps..
>
>
> Marc Renner - Director
> Network Operations Dept.
> City of Marysville, WA.
>
> ++Don't get Mad...get NDS!++
>
>
> >>> Gustavo Bellotto <[EMAIL PROTECTED]> 11/08/99 06:29AM >>>
> Hello,
>
> Since we've installed a PIX 515 firewall it hangs two or three times
> a day. IN and OUT Interfaces stop responding and ping fails from PIX
> to any other IPs than its own interfaces.
>
> Each time it's gone we saw from console that 1550 bytes long buffers were
exhausted.
>
> Cisco documentation of SHOW BLOCKS command is really funny:
>
> "A zero in CNT column means memory is exhausted now. Exhausted
> memory is not a problem as long as traffic is moving through the PIX
> Firewall. You can use the show conn commands to see if traffic is
> moving. If traffic is not moving and the memory is exhausted, a
> problem may be indicated."
>
> Of course traffic does no pass through when PIX is dead, although traffic
> counters increase slowly.
>
> During normal operation we have less than 100 connections, but most
> of them could have heavy traffic (proxies servers). Typical buffers
utilization is:
>
> SIZE MAX LOW CNT
> 4 1600 1597 1599
> 80 400 397 400
> 256 400 394 398
> 1550 932 635 674
> 65536 8 7 8
>
> (Just 1/3 of 1550 bytes buffers allocated)
>
> Also main memory does not seem to be an issue:
> 33554432 bytes total, 25481216 bytes free
>
> PIX soft version is 4.4(1) (2 interfaces, no fail-over nor IPsec).
>
> Did anybody hear of such a problem?
>
> Thanks,
>
> Gustavo Bellotto
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
