Hi Marc,
First, have you cleared the conters and you're sure that it is current
issue?
If so, check if you have no problem with MTU or some host in the network
which may send incorrect frames (like with bad checksum). Also check the
main interface statistics (sh int g0/0) and duplex/speed.
The ACL drop will not be visible in that output. To see ACL drop check "sh
asp drop flow acl-drop"
You can also try to capture those packets using:
capture ISSUE type asp-drop all (or any drop reason you have on the list)
show capture ISSUE
Regards,
--
Piotr Matusiak
CCIE #19860 (R&S, Security), CCSI #33705
Technical Instructor
website: www.MicronicsTraining.com <http://www.micronicstraining.com/>
blog: www.ccie1.com
�If you can't explain it simply, you don't understand it well enough� -
Albert Einstein
2011/7/21 marc abel <marcabel_at_gmail.com>
> Can anyone tell me if the ASA counts packets that are denied by
> access-list as interface discards?
>
> I am seeing a large amount of discards on a link that is not highly
> congested.
>
> Interface GigabitEthernet0/0.910 "colo", is up, line protocol is up
> Hardware is i82546GB rev03, BW 1000 Mbps, DLY 10 usec
> VLAN identifier 910
> MAC address 001f.9e2a.5da4, MTU 1500
> IP address x.x.x.x.x, subnet mask 255.255.255.248
> Traffic Statistics for "colo":
> 10352815549 packets input, 4682398895151 bytes
> 8616519117 packets output, 4350365106353 bytes
> 31242644 packets dropped
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Fri Jul 22 2011 - 22:25:02 ART