Re: Does the cmd "ip virtual reassembly" cause any impact in Int

muthupriyanka · ‎06-02-2011

Hi,

I have an Internet Multihoming scenario in which Router A is connected to ISP1 and Router B is connected to ISP2.I have an EBGP running bw A and ISP1 & B and ISP2.Also I have IBGP bw A and B.My IP blocks are advertised in both ISP's and we are trying to achieve load balacing.Both my WAN links to ISP is in Active-Active.In addition to it, I have MHSRP configured in my LAN interface.

Now I have enabled nat on the Wan interface connecting to ISP1 and ISP2.I noticed :ip virtual reassembly command automatically appearing on the WAN interface.After some time,I noticed some error logs in my router :

May 10 10:05:58.645: %IP_VFR-4-FRAG_TABLE_OVERFLOW: GigabitEthernet0/1: the fragment table has reached its maximum threshold 16

Does this error cause any impact on my application ?

Can i remove this command from the interface ? Will my production get affected if i try to do this ?

gerald.suiza · ‎06-02-2011

from what I understand NAT automatically enables VFR if NAT is enabled...does the message happen often?

if it happens often there may be possibility of a buffer overflow attack...

ashok_boin · ‎06-02-2011

Hi,

NAT automatically enables this feature (VRF).This is to prevent security attacks.

Depends upon your traffic patterns, you can increase to higher count from default 16. Please be aware that it may happen with attacks to overflow the buffer memory and so drop the fragmented packets exceeding 16 without reassembly.

Regards...

-Ashok.

With best regards...
Ashok

Does the cmd "ip virtual reassembly" cause any impact in Internet Multihoming scenario ?