07-14-2011 05:17 AM - edited 03-04-2019 12:59 PM
Hello all,
I have some leased line WAN links (ethernet, 100 Mbps) which are encrypted.
Sometimes I have fragmentation errors in the logs on the firewalls which connect the WAN with the LAN.
At first I thought it was a firewall problem, but now I have found a command for the ASR that shows me some information.
RouterASR1002#show platform hardware qfp active statistics drop
-------------------------------------------------------------------------
Global Drop Stats Packets Octets
-------------------------------------------------------------------------
IpFragErr 1114 1666134
Ipv4NoRoute 212 21420
RouterASR1002#show platform hardware qfp active statistics drop detail
--------------------------------------------------------------------------------
ID Global Drop Stats Packets Octets
--------------------------------------------------------------------------------
48 IpFragErr 1114 1666134
19 Ipv4NoRoute 212 21420
I cleared the statistics only 30 minutes ago.
Does anyone have an idea what IpFragErr means, and how I can figure out why I have these errors, or what I can do to eliminate or minimize them?
Many thanks for any advice.
Regards,
Alain
07-14-2011 05:41 AM
Hi Alain,
Though no information is given in the following technote for this error type, it may help you out...
http://www.cisco.com/en/US/products/ps9343/products_tech_note09186a0080af2d14.shtml
Also, you may try the "sh ip traffic" command and correlate it with the above command counters to understand the error type.
Regards...
-Ashok.
07-14-2011 07:54 AM
Hi Ashok,
The sho ip traffic output shows nothing special.
Only a lot of "couldn't fragment":
RouterASR1002#sho ip traffic
IP statistics:
Rcvd: 10009528 total, 20533 local destination
0 format errors, 0 checksum errors, 0 bad hop count
0 unknown protocol, 0 not a gateway
0 security failures, 0 bad options, 0 with options
Opts: 0 end, 0 nop, 0 basic security, 0 loose source route
0 timestamp, 0 extended security, 0 record route
0 stream ID, 0 strict source route, 0 alert, 0 cipso, 0 ump
0 other, 0 ignored
Frags: 0 reassembled, 0 timeouts, 0 couldn't reassemble
374944 fragmented, 749888 fragments, 1807 couldn't fragment
< ......>
I have put it into Cisco's Output Interpreter.
It 'says' that this occurs when the DF bit is set but the router has to fragment the datagram because of the smaller path MTU. So it's a normal reaction to a datagram that is too large.
Regards,
Alain
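Added example (not part of the original posts, and not Cisco tooling): a Python sketch that parses the counter lines posted in this thread and derives the mean size of the IpFragErr drops and the fragments-per-datagram ratio, as a way to do the correlation suggested above. The function names are hypothetical, and treating IpFragErr and "couldn't fragment" as counters for the same DF-related condition is an assumption, not something the thread confirms.

```python
import re

# Counter lines copied from the outputs posted in this thread.
QFP_DROP = """\
IpFragErr 1114 1666134
Ipv4NoRoute 212 21420
"""
IP_TRAFFIC = """\
Frags: 0 reassembled, 0 timeouts, 0 couldn't reassemble
374944 fragmented, 749888 fragments, 1807 couldn't fragment
"""

def parse_qfp_drops(text):
    """Return {counter: (packets, octets)} from 'statistics drop' output."""
    drops = {}
    for line in text.splitlines():
        # The optional leading ID column appears in the 'detail' variant.
        m = re.match(r"\s*(?:\d+\s+)?([A-Za-z]\w*)\s+(\d+)\s+(\d+)\s*$", line)
        if m:
            drops[m.group(1)] = (int(m.group(2)), int(m.group(3)))
    return drops

def parse_frag_counters(text):
    """Return {label: count} for the Frags lines of 'show ip traffic'."""
    body = text.replace("Frags:", "")
    pairs = re.findall(r"(\d+)\s+([a-z' ]+?)(?:,|$)", body, re.M)
    return {label.strip(): int(n) for n, label in pairs}

def summarize(qfp_text, traffic_text):
    """Derive per-packet figures that hint at the size of the dropped traffic."""
    drops = parse_qfp_drops(qfp_text)
    frags = parse_frag_counters(traffic_text)
    pkts, octets = drops["IpFragErr"]
    return {
        "ipfragerr_packets": pkts,
        "avg_dropped_size": round(octets / pkts, 1),  # bytes per dropped packet
        "fragments_per_datagram": frags["fragments"] / frags["fragmented"],
        "couldnt_fragment": frags["couldn't fragment"],
    }

if __name__ == "__main__":
    for key, value in summarize(QFP_DROP, IP_TRAFFIC).items():
        print(f"{key}: {value}")
```

On the posted numbers the mean IpFragErr packet is about 1496 bytes and every fragmented datagram became exactly two fragments, which is consistent with near-full-size packets slightly exceeding the path MTU, as the Output Interpreter explanation describes.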