[181974] in North American Network Operators' Group
Possible Sudden Uptick in ASA DOS?
daemon@ATHENA.MIT.EDU (Mark Mayfield)
Thu Jul 9 04:18:59 2015
X-Original-To: nanog@nanog.org
From: Mark Mayfield <Mark.Mayfield@cityofroseville.com>
To: "nanog@nanog.org" <nanog@nanog.org>
Date: Wed, 8 Jul 2015 16:58:24 +0000
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Come in this morning to find one failover pair of ASA's had the primary cra=
sh and failover, then a couple hours later, the secondary crash and failove=
r, back to the primary.
Another pair running the same code had the primary crash and fail in the sa=
me time window.
So, three crashes in 4 hours in our environment.
Open a TAC case on one of these for post-mortem analysis, and they interpre=
ted the crash dump to point at a DOS bug first published in Oct.
The very interesting thing; on the phone the TAC engineer said this was "th=
e 10th one of these I've dealt with this morning".
Here's the bug they reference:
https://tools.cisco.com/bugsearch/bug/CSCul36176/?reffering_site=3Ddumpcr
Anyone else have observations to add on this?
Mark Mayfield
City of Roseville - AS 54371
Network Systems Engineer
2660 Civic Center Drive
Roseville, MN 55113
651-792-7098 Office
