Hudge Embryonic connection (with negative value in log)

Unanswered Question
May 30th, 2007

Hello,

I have the :

%ASA-6-201010: Embryonic connection limit exceeded -1/64 for inbound packet from 10.8.5.1/2738 to 10.6.5.10/3128 on interface Outside

error message with connexions problems.

I check in error decoder and it seem that the -1 is the number of Embryonic connection. Is it a known bug or i misunderstand sonething?

Then i make a show local-host to show the connections and the result is:

....

local host: <10.6.5.10>,

TCP flow count/limit = 3/100

TCP embryonic count to host = 4294967293

TCP intercept watermark = 70

UDP flow count/limit = 0/unlimited

Conn:

TCP out 10.8.21.1:513 in 10.6.5.10:80 idle 0:19:23 bytes 88258 flags UIO

TCP out 10.8.21.120:1464 in 110.6.5.10:80 idle 0:53:06 bytes 1579253 flags UIOB

TCP out 10.8.1.20:4572 in 10.6.5.10:80 idle 0:00:02 bytes 673021 flags UIOB

Interface fail-over: 1 active, 2 maximum active, 0 denied

The "TCP embryonic count to host = 4294967293" is possible ?

Thanks,

Regards

jj

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion