None of these 3 messages seem to exist anywhere in Cisco documentation, so I'm unable to look up the exact meaning and left to only guess.
For the first type of message, why does IPS feel the need to tell me that it's sending a TCP packet? Is there something special about the packets it logs that it thinks I should know? Does "Sending TCP packet:" actually mean it's blocking it or thinks it should be blocking it?
For the OOO full ones, I've tried tuning the TCP reassembly parameters, but it has no effect. The only documentation I can find says to use "ip inspect tcp reassembly ..." commands, however since we use the zone-based policy engine rather than the ip inspect engine, I also tried tuning "parameter-map type ooo global" to the same values. Neither had any effect on the frequency of the messages. I can't find any way to tune parameters under the IOS IPS engine itself.
Anybody have any ideas on what else to try?
Edit to add: I have an identical 2911 router in another location that doesn't throw any of these log messages. It's on a significantly faster Internet connection, but much lighter user load, which leads me to believe the issue is definitely caused by heavy load, which is why I want to increase the reassembly limits to cope with the load.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :