On 5 Mar 2002, at 23:01, Tom Sparks wrote:

> I recently installed a PIX 525 with dual Gig-E interfaces and I'm
> somewhat puzzled by the results I'm seeing, especially since I
> didn't see them with 100BaseT (which is what was configured
> previously on the same box).
>
> The internal interface is showing about 25% more data in than the
> external interface is sending out. It can't be that there are that
> many denied packets outbound because I've run the FW with an "allow
> all" ruleset on both interfaces and still saw the same problem.
>
> I've confirmed that it's not an accounting error on the inside with
> monitoring the switch's port. It could be a problem on the
> external interface, but I really doubt it.
>
> Both interfaces appear normal, and have no errors on them. The
> firewall isn't losing packets, and isn't running out of memory.
>
> The PIX is plugged into Catalyst 6500's on both ends of the link.

If this were internal broadcast traffic, you'd have seen it on 100BaseT.... But Gig-E probably means you're plugged into a different interface now. Might that interface be receiving spanning-tree or VLAN trunking traffic from the 6500?

DG

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
