diag hardware deviceinfo nic eth0I think that' s a pusedo interface but stangely m 110C has a eth0; FW1LAW # diag hardware deviceinfo nic eth0 Description Broadcom 570x Tigon3 Ethernet Adapter Part_Number BCM95786T8600 PHY_Device_ID 5787 Driver_Name tg3 Driver_Version 3.85l PCI_Vendor 0x14e4 PCI_Device_ID 0x169a PCI_Subsystem_Vendor 0x14e4 PCI_Subsystem_ID 0x969a PCI_Revision_ID 0xb002 PCI_Address 1:0.0 Memory 0xdfc00000 IRQ 9 System_Device_Name eth0 Current_HWaddr 00:09:0f:ca:f9:7e Permanent_HWaddr 00:09:0f:ca:f9:7e Link up Speed 1000 Mbps full duplex FlowControl Tx off, Rxoff MTU_Size 1500 Rx_Packets 247284410 Rx_Packets_Dropped 0 Tx_Packets 338341834 Rx_Bytes 1501420373 Tx_Bytes 2229875905 Rx_Errors 0 Tx_errors 0 Multicast 1160947 Collisions 0 Rx_Length_Errors 0 Rx_Over_Errors 0 Rx_Frame_Errors 0 Tx_aborted_Errors 0 Tx_carrier_errors 0 Rx_CRC_Errors 0 rx_pending 200 tx_pending 511 tg3_flags a2486c05 tg3_flags2 380c9200 but it' s not an interface you can sniffer on; diag sniffer packet <interface> the network interface to sniff (or " any" ) FG100C3G09611205 # diag sniffer packet eth0 " any" interfaces=[eth0] filters=[any] pcap_lookupnet: eth0: no IPv4 address assigned pcap_compile: parse error and version of code; Version: Fortigate-110C v4.0,build0196,100319 (MR1 Patch 4) Qs: Where are you seeing traffic exiting eth0? Are you using any IPS or end-point UTM features ? What does " get sys performance status" show? And " diag ip arp list " 7 " diag ip address list" show for you ip_address L3 interfaces ?
PCNSE
NSE
StrongSwan
Where are you seeing traffic exiting eth0? Are you using any IPS or end-point UTM features ?using diag sniffer packet any ' filters' 4 to give the interface name
What does " get sys performance status" show?CPU states: 0% user 0% system 0% nice 100% idle CPU0 states: 0% user 0% system 0% nice 100% idle Memory states: 16% used Average network usage: 2090 kbps in 1 minute, 1596 kbps in 10 minutes, 2186 kbps in 30 minutes Average sessions: 373 sessions in 1 minute, 323 sessions in 10 minutes, 298 sessions in 30 minutes Average session setup rate: 1 sessions per second in last 1 minute, 2 sessions per second in last 10 minutes, 1 sessions per second in last 30 minutes Virus caught: 0 total in 1 minute IPS attacks blocked: 0 total in 1 minute Uptime: 27 days, 1 hours, 41 minutes
And " diag ip arp list " 7 " diag ip address list" show for you ip_address L3 interfaces ?They show the L3 interfaces on port3, no references to eth0...
PCNSE
NSE
StrongSwan
Are you experiencing performance issues? or just curious on eth0?Just curious :) Also curious re the counts under diag hardware deviceinfo nic port1 I don' t see any numbers on rx/tx errors/collisions. Will these only appear if the counts are nonzero?
rx/tx errors/collisionsYes only if they appear. Collision should never been seen in a full-duplex setting. Collision, CRC and late collision are normally a duplex miss-match or if a 802.1q tag is being applied and the other party is not expecting it. Man your question was challenging, I remember some fortinet rep explain the eth0 and I can' t recall what it' s used for now I would not worry too much about it unless your see performance issues or numbers are climbing on a regular schedule.
PCNSE
NSE
StrongSwan
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.