https://bst.cloudapps.cisco.com/bugsear ... CSCvd78303Если коротко, то речь о следующем:
ARP functions fail after 213 days of uptime, drop with error 'punt-rate-limit-exceeded'
Symptom:
An ASA, after reaching an uptime of roughly 213 days will fail to process ARP packets leading to a condition where all traffic stops passing through the affected device.
Additional symptoms include:
- ASA does not have ARP entries in its ARP table. show arp is empty
- The output of show asp drop and ASP drop captures indicate a rapidly increasing counter for punt-rate-limit exceeded and the dropped packets are predominantly ARP.
Product:
Cisco ASA 5500-X Series Firewalls
Рекомендую обновиться до актуальной версии софта.
http://blogs.cisco.com/security/urgent- ... cation-asa