iam getting around 1000 to 20,000 receive discards on almost all of our 8 fwsms per hour. i dont know why..
note;
receive errors = 0
transmit errors=0
transmit discards=0
Hi,
Below is the definition of the OID used to retrieve the Receive Discards stats in the IF-MIB :
---
Inbound Discards:
The number of inbound packets which were chosen to be discarded even though no errors had been detected to prevent their being deliverable to a higher-layer protocol. One possible reason for discarding such a packet could be to free up buffer space.
How the above OID is increased is at the discretion of each manufacturer. Because the IF-MIB might be limited in term of definitions for some manufacturers, they sometimes create additional MIBs to monitor the interfaces on their products.
As this comes from a fwsm, I suppose these are packets discarded due to some rules. The network might have been scanned.
You might want to compare the results with more specific MIBs such as CISCO-UNIFIED-FIREWALL-MIB (1.3.6.1.4.1.9.9.491).
HTH,
Yann
I also understood these to be FW ACL Rule based discards and filtered those out from the top 10 lists by using a filter (click edit, then add something like this in the filter:::
(Interfaces.NodeID NOT IN (352,353,354,355,356,357,651,652,653,654,655,656,657,658,659,660,661,662,424,425,450,704,705) AND Interfaces.Caption NOT LIKE '*Servo*' AND Interfaces.Caption NOT LIKE 'Adaptive Security App*' )
