Preview Tool

Cisco Bug: CSCvd78303 - ARP functions fail after 213 days of uptime, drop with error 'punt-rate-limit-exceeded'

Last Modified

Jan 23, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

9.1(7.9) 9.2(4.15) 9.4(3.5) 9.4(4) 9.5(3) 9.6(2.1) 9.6(3) 9.7(1)

Description (partial)

An ASA, after reaching an uptime of roughly 213 days will fail to process ARP packets leading to a condition where all traffic eventually stops passing through the affected device. Since not all existing ARP entries time out at the same time, not all connections may fail at the same time.
 Additional symptoms include:
 - ASA does not have ARP entries in its ARP table. show arp is empty
 - The output of show asp drop and ASP drop captures indicate a rapidly increasing counter for <i>punt-rate-limit exceeded</i> and the dropped packets are predominantly ARP.
 Images with fixes for this defect will be published as soon as they are available, and posted to the Cisco Software Download center.

This is seen when the ASA's uptime reaches 213 days.

This problem affects ASA and FTD versions:
ASA version 9.1 releases 9.1(7)8 and higher
ASA version 9.2 releases 9.2(4)15 and higher
ASA version 9.4 releases 9.4(3)5 and higher including 9.4(4)
ASA version 9.5 releases 9.5(3) and higher
ASA version 9.6 releases 9.6(2)1 and higher including 9.6(3)
ASA version 9.7 releases 9.7(1) and higher
FTD version 6.1 releases and higher
FTD version 6.2 releases 6.2.0

Related Community Discussions

<key>CSCvd78303</key> - affected versions
I have a customer who are running Cisco ASA version 9.6.2 software. When I look at the afftected software versions for Cisco bug ID <key>CSCvd78303</key>, the 9.6.2 code train starts with version 9.6.2(1). Does this mean that version 9.6.2 is not affected?
Latest activity: Apr 18, 2018
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.