Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
549
Views
0
Helpful
4
Replies

CSS Late data arrival for KAL-index

Go to solution
Gerhard.Oettle
Level 1
Level 1

‎08-21-2006 05:59 AM

What is meant when a CSS 11503 in Box2Box redundancy shows the following messages when doing a sh log:

21 AUG 15:54:09 1/1 4691207 NETMAN-7: SSL-KAL: Late data arrival for KAL-index (

11)

21 AUG 15:54:11 1/1 4691208 NETMAN-7: SSL-KAL: Late data arrival for KAL-index (

6)

Gi 1/1 is the Interface for the HA-Link.

The Software version used is sg0750103 (07.50.1.03)

Regards

Gerhard

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
syediahm
Level 1
Level 1

‎08-21-2006 11:29 AM

This message was logged because you are using a kal type of SSL with the server hello coming back in multiple packets. The kal is only looking for the server hello in the first packet. Once it is received the CSS will reset the connection, even if there are more packets to follow. The message just indicates that data was received after the kal attempt was completed.

You dont need to worry about it its a debug level informational message. You can get rid of this message by lowering down the debug level to 4.

Syed Iftekhar Ahmed

View solution in original post

0 Helpful

Go to solution
Gilles Dufour
Cisco Employee
Cisco Employee

‎08-22-2006 05:30 AM

Gerhard,

these are debug messages.

If you are not troubleshooting any issue, I would recommend to set the logging level back to warning-4.

For the message, it refers to KAL - keepalive.

If you do a 'show keepalive' on your css, you will see that each KAL as an index.

From your log message, it appears that the response from the server for kal index 11 & 6 arrived after the CSS kal timeout or closed the connection.

You can see if those server are bouncing up/down and maybe sniff the traffic to verify that everything is ok.

Gilles.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
syediahm
Level 1
Level 1

‎08-21-2006 11:29 AM

This message was logged because you are using a kal type of SSL with the server hello coming back in multiple packets. The kal is only looking for the server hello in the first packet. Once it is received the CSS will reset the connection, even if there are more packets to follow. The message just indicates that data was received after the kal attempt was completed.

You dont need to worry about it its a debug level informational message. You can get rid of this message by lowering down the debug level to 4.

Syed Iftekhar Ahmed

0 Helpful

Go to solution
Gerhard.Oettle
Level 1
Level 1
In response to syediahm

‎08-28-2006 05:20 AM

Hello Mr. Syed Iftekhar Ahmed,

Thank you for the feedback, all ok now when switching back to logging level 4.

Regards

Gerhard

0 Helpful

Go to solution
Gilles Dufour
Cisco Employee
Cisco Employee

‎08-22-2006 05:30 AM

Gerhard,

these are debug messages.

If you are not troubleshooting any issue, I would recommend to set the logging level back to warning-4.

For the message, it refers to KAL - keepalive.

If you do a 'show keepalive' on your css, you will see that each KAL as an index.

From your log message, it appears that the response from the server for kal index 11 & 6 arrived after the CSS kal timeout or closed the connection.

You can see if those server are bouncing up/down and maybe sniff the traffic to verify that everything is ok.

Gilles.

0 Helpful

Go to solution
Gerhard.Oettle
Level 1
Level 1
In response to Gilles Dufour

‎08-28-2006 05:18 AM

Hello Gilles,

Thank you very much for your response, now it is clear what caused that messages.

I set the logging level for subsystem netman back to 4.

Regards and many thanks

Gerhard

0 Helpful
Customers Also Viewed These Support Documents