Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Hudge Embryonic connection (with negative value in log)

Hello,

I have the :

%ASA-6-201010: Embryonic connection limit exceeded -1/64 for inbound packet from 10.8.5.1/2738 to 10.6.5.10/3128 on interface Outside

error message with connexions problems.

I check in error decoder and it seem that the -1 is the number of Embryonic connection. Is it a known bug or i misunderstand sonething?

Then i make a show local-host to show the connections and the result is:

....

local host: <10.6.5.10>,

TCP flow count/limit = 3/100

TCP embryonic count to host = 4294967293

TCP intercept watermark = 70

UDP flow count/limit = 0/unlimited

Conn:

TCP out 10.8.21.1:513 in 10.6.5.10:80 idle 0:19:23 bytes 88258 flags UIO

TCP out 10.8.21.120:1464 in 110.6.5.10:80 idle 0:53:06 bytes 1579253 flags UIOB

TCP out 10.8.1.20:4572 in 10.6.5.10:80 idle 0:00:02 bytes 673021 flags UIOB

Interface fail-over: 1 active, 2 maximum active, 0 denied

The "TCP embryonic count to host = 4294967293" is possible ?

Thanks,

Regards

jj

313
Views
0
Helpful
0
Replies