We see the above errors on Dialer1 which is associated with an ADSL line which we are using with Policy Based Routing (PBR) to offload traffic from our outbound web proxy. There is an outside NAT on Dialer1 and GigabitEthernet0/1 which is our main public network interface.
It seems to me that the VFR is not properly distinguishing IP packets containing fragments coming from the same IP address but arriving on different different interfaces and using a different NAT address.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...