Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

FWSM packet capture showing Out Of Order packets

 

 Dear Cisco Community,

We recently received complaints from our customer regarding transfer speed. Upon troubleshooting, we noticed that packet were received out of order when doing a packet capture on the FWSM. FYI, we have already enabled np-completion unit and also disable random sequence number.

Could this be related to FWSM? Also, end user advised that transfer speed using fallback LAN is about 10x faster.

 

capture cap-in type raw-data access-list test packet-length 128 interface c16lobby[Buffer Full - 524264 bytes]
capture cap-out type raw-data access-list test packet-length 128 interface c16loadbal[Buffer Full - 524264 bytes]


FWSM# sh service-

Global policy:
  Service-policy: global_policy
    Class-map: inspection_default
      Inspect: dns maximum-length 512, packet 1017412418, drop 1902569, reset-drop 0
      Inspect: ftp, packet 9790919, drop 16, reset-drop 0
      Inspect: h323 h225, packet 0, drop 0, reset-drop 0
      Inspect: h323 ras, packet 0, drop 0, reset-drop 0
      Inspect: netbios, packet 82, drop 0, reset-drop 0
      Inspect: rsh, packet 0, drop 0, reset-drop 0
      Inspect: skinny, packet 24725, drop 7524, reset-drop 0
      Inspect: sunrpc, packet 39065430, drop 6149, reset-drop 0
      Inspect: tftp, packet 0, drop 0, reset-drop 0
      Inspect: sip, packet 0, drop 0, reset-drop 0
      Inspect: xdmcp, packet 0, drop 0, reset-drop 0
    Class-map: TCP
      Set connection policy: random-sequence-number disable
        
    Class-map: class-default
      Set connection policy: random-sequence-number disable
        
      Set connection timeout policy:
        half-closed 0:00:20


FWSM# sh run sysopt
no sysopt connection timewait
sysopt connection tcpmss 1460
sysopt connection tcpmss minimum 0
no sysopt nodnsalias inbound
no sysopt nodnsalias outbound
no sysopt radius ignore-secret
no sysopt uauth allow-http-cache
sysopt np completion-unit
sysopt connection tcp window-scale
sysopt connection tcp sack-permitted

FWSM packet capture

273
Views
0
Helpful
0
Replies
CreatePlease to create content