[c-nsp] PIX 7.01(4)8 cpu-hog

Koen Peetermans k.peetermans at chello.be
Wed Feb 22 15:17:00 EST 2006

Is this pix running OSPF ?

I had major problems with OSPF taking a lot of CPU with this version.......

This problem is not present on 7.1(1)

Kind regards,


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Andreas S. Kerber
Sent: woensdag 22 februari 2006 14:20
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] PIX 7.01(4)8 cpu-hog

Hash: SHA1

One of your clients upgraded a PIX-515E to release 7.01(4)8.
Since that upgrade, the PIX needs to be rebooted every couple of hours
it slows down dramatically after a while.

The result of "sh proc cpu-hog" leads us to believe that
the "emweb/https" process might causes those problems. Does anybody now what
this process does? On another PIX with the same release we don't even see

# sh proc cpu-hog 

    MAXHOG             NUMHOG             LASTHOG             Process
- --------------     ---------------     ---------------       ---------
       700                  2                700              emweb/https

# sh ver

Cisco PIX Security Appliance Software Version 7.0(4)8 
Device Manager Version 5.0(4)3

Compiled on Thu 26-Jan-06 19:32 by root
System image file is "flash:/image"
Config file at boot was "startup-config"

XXXX up 1 hour 9 mins

Hardware:   PIX-515E, 128 MB RAM, CPU Pentium II 433 MHz
Flash E28F128J3 @ 0xfff00000, 16MB
BIOS Flash AM29F400B @ 0xfffd8000, 32KB

Encryption hardware device : VAC+ (Crypto5823 revision 0x1)
 0: Ext: Ethernet0           : address is 0015.c6a1.68f8, irq 10
 1: Ext: Ethernet1           : address is 0015.c6a1.68f9, irq 11
 2: Ext: Ethernet2           : address is 000d.8810.ba84, irq 11
 3: Ext: Ethernet3           : address is 000d.8810.ba85, irq 10
 4: Ext: Ethernet4           : address is 000d.8810.ba86, irq 9
 5: Ext: Ethernet5           : address is 000d.8810.ba87, irq 5

Licensed features for this platform:
Maximum Physical Interfaces : 6         
Maximum VLANs               : 25
Inside Hosts                : Unlimited 
Failover                    : Active/Active
VPN-DES                     : Enabled   
VPN-3DES-AES                : Disabled  
Cut-through Proxy           : Enabled   
Guards                      : Enabled   
URL Filtering               : Enabled   
Security Contexts           : 2         
GTP/GPRS                    : Disabled  
VPN Peers                   : Unlimited

Version: GnuPG v1.2.2 (GNU/Linux)

cisco-nsp mailing list  cisco-nsp at puck.nether.net
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list