What does this mean Dropping TCP Segment Reason: TCP reassembly queue overf

Unanswered Question
Nov 9th, 2007

Hi, I have a Cisco 877 running in VPN mode and get this error sent to the syslog server throughout the day:

65: Dropping TCP Segment: seq:1180744820 1500 bytes is out-of-order; expected seq:1180719170. Reason: TCP reassembly queue overflow

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jsivulka Thu, 11/15/2007 - 07:01

change the ip inspect tcp reassembly queue length and test.


To set parameters that define how Cisco IOS Firewall application inspection and Cisco IOS Intrusion Prevention System (IPS) will handle out-of-order TCP packets, use the ip inspect tcp reassembly command in global configuration mode. To disable at least one defined parameter, use the no form of this command. ip inspect tcp reassembly {[queue length packet-number] [timeout seconds] [memory limitsize-in-kb] [alarm {on | off}]}

no ip inspect tcp reassembly {[queue length] [timeout] [memory limit]}

whiteford Thu, 11/15/2007 - 08:32

Thanks for your reply, is the error anything to worry about in simple terms?

I will take a look at the link now.


This Discussion