cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
736
Views
0
Helpful
2
Replies

Another TCP Reassembly Queue Issue - Help Understanding Sh IP Traffic Results

timothybrach
Level 1
Level 1

I recently started seeing the TCP Out-of-Order blurbs on my 1921/k9 routers logs. See following....

 

*Oct 28 06:41:32.793: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:-1475532578 1500 bytes is out-of-order; expected seq:2819411594. Reason: TCP reassembly queue overflow - session 192.168.10.11:58675 to 23.77.232.34:80 on zone-pair ccp-zp-in-out class ccp-protocol-http
*Oct 28 15:09:21.539: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:79628295 1488 bytes is out-of-order; expected seq:79600783. Reason: TCP reassembly queue overflow - session 192.168.10.25:55690 to 206.19.48.10:80 on zone-pair ccp-zp-in-out class ccp-protocol-http
*Oct 28 15:16:44.803: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:-1210068379 1500 bytes is out-of-order; expected seq:3084764253. Reason: TCP reassembly queue overflow - session 192.168.10.13:50591 to 107.167.193.162:80 on zone-pair ccp-zp-in-out class ccp-protocol-http

 

I temporarily disabled TCP Queue length logs (setting to 0) after having changed to several options including 128 and 1024 did not help. The output of Sh IP Traffic....

 

"Router#sh ip traffic
IP statistics:
  Rcvd:  411466 total, 163659 local destination
         0 format errors, 0 checksum errors, 2 bad hop count
         0 unknown protocol, 1 not a gateway
         0 security failures, 0 bad options, 0 with options
  Opts:  0 end, 0 nop, 0 basic security, 0 loose source route
         0 timestamp, 0 extended security, 0 record route
         0 stream ID, 0 strict source route, 0 alert, 0 cipso, 0 ump
         0 other
  Frags: 0 reassembled, 0 timeouts, 0 couldn't reassemble
         0 fragmented, 0 fragments, 0 couldn't fragment
  Bcast: 162854 received, 415 sent
  Mcast: 0 received, 0 sent
  Sent:  5560 generated, 18211176 forwarded
  Drop:  22 encapsulation failed, 0 unresolved, 0 no adjacency
         2383 no route, 0 unicast RPF, 0 forced drop
         0 options denied
  Drop:  0 packets with source IP address zero
  Drop:  0 packets with internal loop back IP address
         0 physical broadcast

ICMP statistics:
  Rcvd: 0 format errors, 0 checksum errors, 0 redirects, 0 unreachable
        11 echo, 0 echo reply, 0 mask requests, 0 mask replies, 0 quench
        0 parameter, 0 timestamp, 0 timestamp replies, 0 info request, 0 other
        0 irdp solicitations, 0 irdp advertisements
        0 time exceeded, 0 info replies
  Sent: 2028 redirects, 2809 unreachable, 35 echo, 11 echo reply
        0 mask requests, 0 mask replies, 0 quench, 0 timestamp, 0 timestamp replies
        0 info reply, 2 time exceeded, 0 parameter problem
        0 irdp solicitations, 0 irdp advertisements

BGP statistics:
  Rcvd: 0 total, 0 opens, 0 notifications, 0 updates
        0 keepalives, 0 route-refresh, 0 unrecognized
  Sent: 0 total, 0 opens, 0 notifications, 0 updates
        0 keepalives, 0 route-refresh

PIMv2 statistics: Sent/Received
  Total: 0/0, 0 checksum errors, 0 format errors
  Registers: 0/0 (0 non-rp, 0 non-sm-group), Register Stops: 0/0,  Hellos: 0/0
  Join/Prunes: 0/0, Asserts: 0/0, grafts: 0/0
  Bootstraps: 0/0, Candidate_RP_Advertisements: 0/0
  Queue drops: 0
  State-Refresh: 0/0
          
IGMP statistics: Sent/Received
  Total: 0/0, Format errors: 0/0, Checksum errors: 0/0
  Host Queries: 0/0, Host Reports: 0/0, Host Leaves: 0/0 
  DVMRP: 0/0, PIM: 0/0
  Queue drops: 0

TCP statistics:
  Rcvd: 39 total, 0 checksum errors, 37 no port
  Sent: 2 total

EIGRP-IPv4 statistics:
  Rcvd: 0 total
  Sent: 0 total

UDP statistics:
  Rcvd: 163487 total, 0 checksum errors, 162603 no port
  Sent: 695 total, 0 forwarded broadcasts

OSPF statistics:
  Last clearing of OSPF traffic counters never

  Rcvd: 0 total, 0 checksum errors
        0 hello, 0 database desc, 0 link state req
        0 link state updates, 0 link state acks

  Sent: 0 total
        0 hello, 0 database desc, 0 link state req
        0 link state updates, 0 link state acks

ARP statistics:
  Rcvd: 3651888 requests, 72 replies, 0 reverse, 0 other
  Sent: 159 requests, 28560 replies (225 proxy), 0 reverse
  Drop due to input queue full: 0"

 

Would someone be so kind as to help me understand a little about my IP Traffic and what might be going wrong? Thanks for any input. --Tim

2 Replies 2

cflory
Level 1
Level 1

Linking a similar issue:

 

https://supportforums.cisco.com/discussion/11435681/fw-4-tcpoooseg-dropping-tcp-segment

 

Perhaps what is suggested may help?

With Queue Length set to 1024:

Router>show ip inspect statistics
Interfaces configured for inspection 4294967294
Session creations since subsystem startup or last reset 0
Current session counts (estab/half-open/terminating) [0:0:0]
Maxever session counts (estab/half-open/terminating) [0:0:0]
Last session created never
Last statistic reset never
Last session creation rate 0
Maxever session creation rate 0
Last half-open session total 0
TCP reassembly statistics
  received 0 packets out-of-order; dropped 0
  peak memory usage 0 KB; current usage: 0 KB
  peak queue length 0

 

 

 

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: