We keep getting these log messages:
%IP_VFR-3-COALESCE_ERROR: Unable to coalesce fragments arriving through Vlan1 - datagram 1898 bytes is too big. UDP packet 192.168.200.100:53 -> 31.222.xxx.xx:53 has ident: 21511 flags:0x0 and 2 fragments
Packet size varies between 1800 - 3800. 192.168.200.100 is our internal DNS server.
I see that it can have something to do with an older bugged IOS, but I just upgraded it to c860vae-ipbasek9-mz.153-2.T and still getting the error.
I've also seen a workaround out there to increase huge buffer size but it only fills all the buffers up then, max 16.
Also, as an additional side question:
There is a c860vae-advsecurityk9-mz.153-2.T.bin out for the 867VAE, but it just tells me:
%Warning: File not a valid executable for this system
The file is downloaded from different computers, same result. Checked for available space on flash: and it's good enough.
I'm attaching my running-config + show version in the same file.
Thankful for a reply!
Please give it a try with the below action plan.
Recommended Action Plan: 1. no ip virtual-reassembly 2. Increase the max-reassembly and max-fragment size as per the values assigned below: Router(config)# interface vlan 1 ip virtual-reassembly [max-reassemblies number] [max-fragments number] Let me know if this helps.
Ok, I set:
buffers huge size 30000 (just a high figure for the sake of it)
no ip virtual-reassembly
ip virtual-reassembly max-reassemblies 64
Still getting the same error message - unable to coalesce....
I know that it's big because it's probably DNSSEC, but why do I get an error from it.... ugh.
Looking at your config I see:
ip nat inside source list 1 interface ATM0.1 overload
The inside interface should be vlan 1
ip nat inside source list 1 interface vlan1 overload
Are you sure? If I use "ip nat inside source list 1 interface vlan1 overload" the Internet doesn't work. All guides I've read says that the ATM interface should have this command attached to it for NAT to work.