a small question about understanding network statistics (CLI)

on a sophos firewall (e.g. xgs136) I can view the interface statistics via the CLI. (command: show network interfaces)

At the output I notice that there are many dropped packets at RX state (receive).(LAN Interface)

Port1            Zonetype:LAN MAC Address:XX:XX:XX:XX:XX MTU:1500
                 IPv6 Addr(s): XXXXX::XXXXX:XXXXXX:XXXXX:1/64 (link-local)
                 Speed:1000Mb/s Full Duplex Auto Negotiation:yes
                 UP BROADCAST RUNNING SLAVE MULTICAST
                 RX State: packets:2682687049 bytes:531478369640 (494.9 GiB)
                           errors:0 dropped:62795887 overruns:0 frame:0
                 TX State: packets:3826280005 bytes:3010216377751 (2.7 TiB)
                           errors:0 dropped:0 overruns:0 carrier:0

Does this statistic include the dropped packets that were blocked due to the firewall rules?

What period does this statistic cover and can I reset it via cli without impact?

many thanks for a hint

Rgd,

Tom

Added TAGs
[edited by: Raphael Alganes at 11:15 AM (GMT -8) on 25 Nov 2024]

0 Raphael Alganes 29 minutes ago

Hello Thomas,

Thanks for reaching out to Sophos Community.

I believe RX dropped packets here are interface-level statistics and should be before it hits a firewall rule/policy

Further, could you let us know if there are any disruptions/slowdowns you're noticing on the network? what are the devices connected to your Sophos Firewall? Are there any changes/new device on the network before you noticed this?

Also, could you look into this past thread in which could be a similar case, and see if it would help:

RX State: packets Drop and error

Regards,

Raphael Alganes
Community Support Engineer | Sophos Technical Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel