[c-nsp] High memory usage of Cisco PIX 515e

Thu Jun 2 02:59:44 EDT 2011

hello,
I am observing increased memory usage of my Cisco PIX firewall. I tried even to 
graph the memory usage and cpu utilization using MRTG.
the cpu utilization seems ok but the memory is almost used up even when the link 
to the internet is down. the PIX has 67MB of RAM.
i am always getting slow connection with 50Mbps link to the Internet. there was 
a problem in my ISP that we didn't have connection to the internet for two days, 
but still the memory utilization was from 4%-12%(when our users are not 
connected to the outside) during these days. there are times even when the free 
memory drops down to 1.5%.  Then i tried  to turn off logging in case logging 
could be using more memory. but i didn't see any difference. some of the 
statistics are as follows.

# sh mem detail 
Free memory:                       2918496 bytes ( 4%)
Used memory:
     Allocated memory in use:     42545712 bytes (63%)
     Reserved memory:             21644656 bytes (32%)
-----------------------------   ----------------
Total memory:                     67108864 bytes (100%)

Least free memory:          69704 bytes ( 0%)
Most used memory:        67039160 bytes (100%)

and the CPU usage is like the following.
pix# sh cpu u 
CPU utilization for 5 seconds = 30%; 1 minute: 30%; 5 minutes: 29%

And the number of connections

pix# sh conn count 
9597 in use, 22745 most used
pix# sh xlate count 
14101 in use, 26759 most used

pix# sh run timeout 
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute

 So, I appreciate in advance any suggestions on how to proceed to solve this 
problem.

Best regards,
Teklay