Hello,

Does anyone know how to interpret the drops shown in the show cgn nat44 instance inside-vrf all counters command?

Some of them are pretty obvious, but some aren't. I'm mostly interested what increments the Fragment out to in drops: counter.

If it matters, we're using the older VSM modules.

RP/0/RP0/CPU0:xxx#show cgn nat44 xxx inside-vrf all counters

Counters summary of NAT44 instance: 'xxx'
Number of Out2In drops due to TCP sequence mismatch: 47025326
Number of Outside to inside TCP sequence mismatch: 436075019679
Total number of sessions created due to Out2In packets: 61015691585
Number of Out2In drops due to end point filtering: 45496
Number of translations created: 1293143994148
Number of translations deleted: 1293140963642
Number of sessions created: 260515013000
Number of sessions deleted: 260514863189
Syslog/Netflow translation create records generated: 0
Syslog/Netflow translation delete records generated: 0
Syslog/Netflow sessions create records generated: 1528695055535
Syslog/Netflow sessions delete records generated: 1528686072628
Number of Netflow packets generated: 49010844801
Number of Syslog packets generated: 0
Dropped Netflow packets due to congestion: 5826867
Dropped Syslog packets due to congestion: 0
Average usage of bulk allocated ports: 0
Average number of bulk-allocations made: 0
Number of packets translated: 225052974380542
Quota exceeded drops: 11880649755
System limit reached drops: 0
Resource depletion drops: 161732068
User translations created: 19093128199
User translations deleted: 19092711946
Session DB limit exceeded: 7531458
No translation entry drops: 152596865721
No source IP config drops: 0
TCP non syn drops: 274421542317
Fragment in to out drops: 31185824
Fragment out to in drops: 2817051867
Number of SIP ALG translations created: 0
Number of SIP ALG translations deleted: 0

Thanks!