Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1028
Views
20
Helpful
10
Replies

Large sequence numbers on FWSM

Go to solution
ALIAOF_
Level 6
Level 6

‎12-06-2011 09:33 AM - edited ‎03-11-2019 03:00 PM

We recently installed a 6509 with FWSM and noticing pretty large sequence numbers like this:

" %FWSM-6-302016: Teardown UDP connection 144551535502653717"

Is that normal?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to ALIAOF_

‎12-09-2011 10:44 AM

Yes. Either a reload or after its hits the maximum decimal integer made up of these 8 bytes(64 bits), I believe 20 digits is hit it will reset back to the smaller number. So according to all 1s 64 digits the max decimal number is

18446744073709551615 (20 digits).

I used this site to convert binary to decimal:

http://www.exploringbinary.com/binary-converter/

-Kureli

View solution in original post

0 Helpful
10 Replies 10

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee

‎12-08-2011 01:33 PM

Mohammad,

That may not be the seq. nos used by the end hosts in the connection. It is just a connection ID that the FWSM uses to identify that particular UDP connection. It is sequentially assigned. It is an 8 byte integer made out of xlate ID and sequence counter (4 bytes each).  How long has the unit been up? Did you all increase the xlate timeout from the default 3 hours?

-Kureli

Go to solution
ALIAOF_
Level 6
Level 6
In response to Kureli Sankar

‎12-08-2011 01:51 PM

Thank you for the reply sorry about the wording yes it is the connection ID not the sequence number I said it wrong.  Xlate is still default of 3 hours and unit has been up since september 2011.

So the connection ID's that long are normal on FWSM?

0 Helpful

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to ALIAOF_

‎12-08-2011 02:02 PM

Yes it is normal. Although this one is a a lot longer than the ones that I see usually .

-Kureli

Go to solution
ALIAOF_
Level 6
Level 6
In response to Kureli Sankar

‎12-08-2011 02:11 PM

Thank you again so should this be a concern?

0 Helpful

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to ALIAOF_

‎12-08-2011 02:16 PM

No. Don't worry about it. Get me the

sh xlate count

sh conn count

output from the FWSM.

-Kureli

Go to solution
ALIAOF_
Level 6
Level 6
In response to Kureli Sankar

‎12-08-2011 02:43 PM

# show xlate count

355 in use, 1310 most used

# show conn count

215 in use, 365939 most used

Thank you again here is the output.

0 Helpful

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to ALIAOF_

‎12-09-2011 08:24 AM

Interesting. So at some point the blade has seen 365939 connections when at present there are only 215.

So, that explains the very high sequential connection ID increase.

-Kureli

Go to solution
ALIAOF_
Level 6
Level 6
In response to Kureli Sankar

‎12-09-2011 10:00 AM

Ok so once the xlate times out shouldn't the connection ID's get smaller ?  or will the device reboot can only accomplish that?

0 Helpful

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to ALIAOF_

‎12-09-2011 10:44 AM

Yes. Either a reload or after its hits the maximum decimal integer made up of these 8 bytes(64 bits), I believe 20 digits is hit it will reset back to the smaller number. So according to all 1s 64 digits the max decimal number is

18446744073709551615 (20 digits).

I used this site to convert binary to decimal:

http://www.exploringbinary.com/binary-converter/

-Kureli

0 Helpful

Go to solution
ALIAOF_
Level 6
Level 6
In response to Kureli Sankar

‎12-09-2011 10:51 AM

Thankk you so much for all your help and explaining everything have a great day.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card