10-28-2014 09:49 AM - edited 03-05-2019 12:03 AM
I recently started seeing the TCP Out-of-Order blurbs on my 1921/k9 routers logs. See following....
*Oct 28 06:41:32.793: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:-1475532578 1500 bytes is out-of-order; expected seq:2819411594. Reason: TCP reassembly queue overflow - session 192.168.10.11:58675 to 23.77.232.34:80 on zone-pair ccp-zp-in-out class ccp-protocol-http
*Oct 28 15:09:21.539: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:79628295 1488 bytes is out-of-order; expected seq:79600783. Reason: TCP reassembly queue overflow - session 192.168.10.25:55690 to 206.19.48.10:80 on zone-pair ccp-zp-in-out class ccp-protocol-http
*Oct 28 15:16:44.803: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:-1210068379 1500 bytes is out-of-order; expected seq:3084764253. Reason: TCP reassembly queue overflow - session 192.168.10.13:50591 to 107.167.193.162:80 on zone-pair ccp-zp-in-out class ccp-protocol-http
I temporarily disabled TCP Queue length logs (setting to 0) after having changed to several options including 128 and 1024 did not help. The output of Sh IP Traffic....
"Router#sh ip traffic
IP statistics:
Rcvd: 411466 total, 163659 local destination
0 format errors, 0 checksum errors, 2 bad hop count
0 unknown protocol, 1 not a gateway
0 security failures, 0 bad options, 0 with options
Opts: 0 end, 0 nop, 0 basic security, 0 loose source route
0 timestamp, 0 extended security, 0 record route
0 stream ID, 0 strict source route, 0 alert, 0 cipso, 0 ump
0 other
Frags: 0 reassembled, 0 timeouts, 0 couldn't reassemble
0 fragmented, 0 fragments, 0 couldn't fragment
Bcast: 162854 received, 415 sent
Mcast: 0 received, 0 sent
Sent: 5560 generated, 18211176 forwarded
Drop: 22 encapsulation failed, 0 unresolved, 0 no adjacency
2383 no route, 0 unicast RPF, 0 forced drop
0 options denied
Drop: 0 packets with source IP address zero
Drop: 0 packets with internal loop back IP address
0 physical broadcast
ICMP statistics:
Rcvd: 0 format errors, 0 checksum errors, 0 redirects, 0 unreachable
11 echo, 0 echo reply, 0 mask requests, 0 mask replies, 0 quench
0 parameter, 0 timestamp, 0 timestamp replies, 0 info request, 0 other
0 irdp solicitations, 0 irdp advertisements
0 time exceeded, 0 info replies
Sent: 2028 redirects, 2809 unreachable, 35 echo, 11 echo reply
0 mask requests, 0 mask replies, 0 quench, 0 timestamp, 0 timestamp replies
0 info reply, 2 time exceeded, 0 parameter problem
0 irdp solicitations, 0 irdp advertisements
BGP statistics:
Rcvd: 0 total, 0 opens, 0 notifications, 0 updates
0 keepalives, 0 route-refresh, 0 unrecognized
Sent: 0 total, 0 opens, 0 notifications, 0 updates
0 keepalives, 0 route-refresh
PIMv2 statistics: Sent/Received
Total: 0/0, 0 checksum errors, 0 format errors
Registers: 0/0 (0 non-rp, 0 non-sm-group), Register Stops: 0/0, Hellos: 0/0
Join/Prunes: 0/0, Asserts: 0/0, grafts: 0/0
Bootstraps: 0/0, Candidate_RP_Advertisements: 0/0
Queue drops: 0
State-Refresh: 0/0
IGMP statistics: Sent/Received
Total: 0/0, Format errors: 0/0, Checksum errors: 0/0
Host Queries: 0/0, Host Reports: 0/0, Host Leaves: 0/0
DVMRP: 0/0, PIM: 0/0
Queue drops: 0
TCP statistics:
Rcvd: 39 total, 0 checksum errors, 37 no port
Sent: 2 total
EIGRP-IPv4 statistics:
Rcvd: 0 total
Sent: 0 total
UDP statistics:
Rcvd: 163487 total, 0 checksum errors, 162603 no port
Sent: 695 total, 0 forwarded broadcasts
OSPF statistics:
Last clearing of OSPF traffic counters never
Rcvd: 0 total, 0 checksum errors
0 hello, 0 database desc, 0 link state req
0 link state updates, 0 link state acks
Sent: 0 total
0 hello, 0 database desc, 0 link state req
0 link state updates, 0 link state acks
ARP statistics:
Rcvd: 3651888 requests, 72 replies, 0 reverse, 0 other
Sent: 159 requests, 28560 replies (225 proxy), 0 reverse
Drop due to input queue full: 0"
Would someone be so kind as to help me understand a little about my IP Traffic and what might be going wrong? Thanks for any input. --Tim
10-28-2014 11:25 AM
Linking a similar issue:
https://supportforums.cisco.com/discussion/11435681/fw-4-tcpoooseg-dropping-tcp-segment
Perhaps what is suggested may help?
10-28-2014 12:13 PM
With Queue Length set to 1024:
Router>show ip inspect statistics
Interfaces configured for inspection 4294967294
Session creations since subsystem startup or last reset 0
Current session counts (estab/half-open/terminating) [0:0:0]
Maxever session counts (estab/half-open/terminating) [0:0:0]
Last session created never
Last statistic reset never
Last session creation rate 0
Maxever session creation rate 0
Last half-open session total 0
TCP reassembly statistics
received 0 packets out-of-order; dropped 0
peak memory usage 0 KB; current usage: 0 KB
peak queue length 0
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide