Guest

Preview Tool

Cisco Bug: CSCul14129 - DOC: Software IPS in promiscuous mode will cause underruns on ASA

Last Modified

Nov 27, 2020

Products (1)

  • Cisco Adaptive Security Appliance (ASA) Software

Known Affected Releases

9.1(1)

Description (partial)

Symptom:
The ASA can exhibit underruns on the internal-data interface going to the software IPS configured for promiscuous mode.

The underruns for promiscuous mode IPS are expected behavior if we inspect a lot of traffic or have spikes in traffic rates. This is because the ASA will not wait for the IPS to finish inspection before forwarding traffic. It is also possible to have underruns if the IPS inspects long flows, like file downloads.

Conditions:
This only affects the ASA 5500-X platforms running a software IPS in promiscuous mode.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.