Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2046
Views
0
Helpful
1
Replies

zone-based firewall tcp reassembly overflow

ggilley
Level 1
Level 1

‎05-02-2010 08:41 PM - edited ‎03-04-2019 08:20 AM

I'm getting the following kinds of messages in my console:

033906: *May  2 19:18:09.972 Pacific: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:-958700247 1500 bytes is out-of-order; expected seq:3336242433. Reason: TCP reassembly queue overflow - session 172.xx.xx.xx:56235 to 129.143.116.10:80 on zone-pair ccp-zp-in-out class ccp-protocol-http

How do I adjust the size of the reassembly queue for the zone-based firewall?
Thanks,
     Greg
Labels:
0 Helpful
1 Reply 1

juan.cota
Level 1
Level 1

‎11-05-2010 03:56 PM

SUMMARY STEPS

1. enable

2. configure terminal

3. parameter-map type ooo global

4. tcp reassembly queue length queue-length

Use something bigger than the default 16. This should fix it.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card