FTD 6.4.0.10 %FTD-3-210005: LU allocate connection failed for UDP connection from ......

sokarlsson · ‎07-28-2021

We have a FTD HA setup with 2 FP 2110 running FTD 6.4.0.10
We see frequent messages like this in the ASAconsole.log in the standby unit
%FTD-3-210005: LU allocate connection failed for UDP connection from INSIDE:X.X.X.X/64181 to OUTSIDE:8.8.8.8/53

Output of show failover state that we have receive errors on both TCP and UDP connections

Stateful Failover Logical Update Statistics
Link : failover Ethernet1/16 (up)
Stateful Obj xmit xerr rcv rerr
General 716 0 1844760 43
sys cmd 716 0 716 0
up time 0 0 0 0
RPC services 0 0 0 0
TCP conn 0 0 443265 14
UDP conn 0 0 1397777 29
ARP tbl 0 0 2945 0
Xlate_Timeout 0 0 0 0
IPv6 ND tbl 0 0 0 0
VPN IKEv1 SA 0 0 3 0
VPN IKEv1 P2 0 0 20 0
VPN IKEv2 SA 0 0 0 0
VPN IKEv2 P2 0 0 0 0
VPN CTCP upd 0 0 0 0
VPN SDI upd 0 0 0 0
VPN DHCP upd 0 0 0 0
Route Session 0 0 0 0
Router ID 0 0 0 0
User-Identity 0 0 1 0
CTS SGTNAME 0 0 0 0
CTS PAC 0 0 0 0
TrustSec-SXP 0 0 0 0
IPv6 Route 0 0 0 0
STS Table 0 0 0 0
Umbrella Device-ID 0 0 0 0
Rule DB B-Sync 0 0 3 0
Rule DB P-Sync 0 0 30 0
Rule DB Delete 0 0 0 0

Logical Update Queue Information
Cur Max Total
Recv Q: 0 8 1852244
Xmit Q: 0 1 716

Can't find any bugs related to 210005 and ASA/LINA newer then 9.7 and none of them have any fixed releases. status is release pending. They have not elaborated on reason or any workarounds either.

Don't see any packet drops on the appliance interfaces or on the switches that the appliances connect to.

Anyone recognize this or should I open a case?