Hi all,
we experience an issue with interface utilization shown in PM 3.5 for ASA contexts and I would like ask if anybody else is experiencing the same or if somebody has an idea where to start troubleshooting most effeciently.
We're monitoring Cisco ASA contexts, which are basically multiple virtual instances running on a specific hardware box. In our case the hardware box is Cisco Firepower, but it might be ASA hardware as well.
We have default interface monitoring enabled through monitoring profile "Network Interface".
The issue: for all virtual context interfaces, we see the interface throughput seemingly being limited to appr. 21 MBit/s. This is accompanied by random data gaps (the graph lines are not drawn continiously). For some interfaces, the trhoughput is shown lower, but never higher than 21 MBit/s.
The scenario is true for average as well as maximum metric data (Bits per second In / Out).
The same PM shows proper interface utilization graphs for other device types including the Firepower, Nexus, Catalyst, f5, etc.
We definitely know, the throughput is actually a lot higher than 21 MBit/s, it goes up to multi-Gigabit/s.
The issue seems to be the same for In and Out.
The interface speed is read as zero, resulting in emtpy "Utilization", but throughput is "absolute" and should not be affected by this.
Interestingly, we can see "good" interface throughput graphs in Spectrum OneClick, which is polling using same credentials.
Due to a bug in the ASA firmware, we're using SNMPv2c (not 3), but that should be sufficient.
Probably the next thing to do is to run tcpdump and check the snmp counters returned by the devices, but I call for any reasonable ideas.
regards,
Raphael