This document provides a detailed description of the flow
statistics all command. The flow statistics
all command was introduced in 4.01/27s to provide a more detailed
table of statistics for the CS 800s individual Switch Fabric Processors (SFP).
There are no specific requirements for this document.
The information in this document is based on the software and hardware
versions listed here:
The information presented in this document was created from devices in
a specific lab environment. All of the devices used in this document started
with a cleared (default) configuration. If your network is live, make sure that
you understand the potential impact of any command before you use it.
For more information on document conventions, refer to the
Cisco Technical Tips
SCW-CS800-DM(debug)# flow statistics all
Flow Manager Statistics - SFM Slot 6, Subslot 1:
Cur High Avg
UDP Flows per second 1 1 0
TCP Flows per second 57 87 52
Total Flows per second 58 87 52
Hits per second 44 63 44
Number of Allocated Flows (non-purged) 5604
Number of Free Flows 125468
Number of Flow Drops 0
Max Number of Flow Control Blocks 289207
Number of Flows with SynAckPending 56
Accumulated Port Flow Statistics:
Current Number of Active Flows 5566
Total Flow Accounting Reports received 96791
Total Out of Sequence Packet Received 0
Total Spoof Queue Mis-Hits 0
Port CE Active Total Acct TCP UDP Rst
#13/1 c001f00 2541 50781 48240 2534 7 0
# ½ 401f00 0 0 0 0 0 0
#11/4 8c01f00 3022 51516 48551 3022 0 0
#12/3 a801f00 0 0 0 0 0 0
The output fields are explained here:
Hits per second—the cumulative number
of hits for all rules per second. Layer three and Layer four is one
HIT per session, and Layer five is one per
Number of Allocated Flows
(non-purged)—the allocated flows for the flowmgr for this SFP.
At boot time, the flowmgr carves the number of free flows. If it runs out, it
can allocate up to the maximum number of Flow Control Blocks (FCB), and does so
in chunks of 200. The initial free and maximum numbers are based on the amount
of memory available, so this can vary from release to release. The allocated
flows must roughly equal the cumulative number of active flows for each port on
Number of Free Flows—the number of
FCBs that the flowmgr carves out of the memory at initialization time. This is
taken from the memory shown in the show system-resources
memory command output.
Number of Flow Drops—this is a
meaningless field. It is never incremented. The maximum number of FCBs equals
the maximum number of FCBs the flowmgr can take. If it runs out of free flows,
it allocates up to the maximum number of FCBSs in blocks of 200 FCBs at a time.
Number of Flows with SynAckPending—the
number of flows that are awaiting the acknowledge (ACK) in response to a
synchronize acknowledge (SYN/ACK). Also known as the third part of the
Transmission Control Protocol (TCP) three-way handshake.
Current Number of Active Flows—the
number of active flows per SFP for a CS 800 and total for a CS 150.
Total Flow Accounting Reports
received—the number of accounting reports sent up from the
fastpath (E/XPIF) to the SFP. An accounting report is generated for all flows
that were torn down either through session close (FIN/RST) or garbage
Total Out of Sequence Packet
Received—when the flowmgr hands a packet to the Web
Conversation and Control (WCC) module, and it returns
WCC_DISCARD, it means that the flowmgr had no
way to handle this packet. One of the most common causes are out of order TCP
packets. In most cases, this counter is insignificant.
Total Spoof Queue Mis-Hit—when a flow
is about to be reallocated, it is removed from the Spoof list (or internal
cache). This counter indicates that the Cisco Content Service Switch could not
find the flow even though it must be in the spoof queue. A low number is not
significant. The table here provides more information on these counters:
This is the ingress port for the active flows.
Connection endpoint. This is how the port is represented to
the Cisco Content Service Switch internally, in the code.
The total number of active TCP and User Datagram Protocol
A cumulative total of all flows since the last reboot.
A cumulative total of all accounting reports since the last
The current number of active TCP flows.
The current number of active UDP flows.
The number of E/XPIF resets. When the SFP cannot communicate
to the E/XPIF, it resets to restart the communications. This is a serious error
and does require investigation.
The total number of available FCBs for this port's (E/XPIF)
bank from the fastpath's point of view. These FCBs are available to the entire
E/XPIF bank, typically in groups of four ports. Ports within the same bank
share this pool and reports the same number within a few FCBs of each
These FCBs are in the Synchronous Dynamic RAM (SDRAM) which
is local to the ASIC. This is where the fast switching takes place. When the
fastpath FCBs runs down to zero, then the flows are overflow mapped and
forwarded up on the processor. If up on the processor the number of free flows
goes to zero, you have to carve more FCBs in chunks of 200, up to the maximum
number of FCBs. Once this memory has been carved out, it is permanently
reserved and is not freed until a reboot. If the Cisco Content Service Switch
reaches the maximum number of FCBs, there can be approximately 4MB of RAM left,
per SFP, on a CS-800. This varies on a CS-50/100/150. If the show
system-resources command output indicates low free memory, this
may be the cause.