Cisco Bug: CSCvu94846 - When enabling inline tap mode you may experience between 20-50% performance reduction
Aug 22, 2020
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: Performance reduced by between %20 and %50 following enabling TAP mode on a Firepower Threat Defense Inline-set Conditions: Firepower Threat Defense with inline set that has TAP mode enabled. You can determine if you have TAP mode enabled on the inline set by running the following command: ciscoasa# show inline-set Inline-set inline Mtu is 1500 bytes Fail-open for snort down is on Fail-open for snort busy is off Tap mode is on Propagate-link-state option is off hardware-bypass mode is disabled Interface-Pair: Interface: GigabitEthernet0/0 "inside" Current-Status: DOWN Interface: GigabitEthernet0/1 "outside" Current-Status: UP Bridge Group ID: 0 If the `Tap mode is on` is in the output as above, then TAP mode is enabled.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases