Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Virtual defragmentation errors

To: <[email protected]>, <[email protected]>
Subject: Re: [FW1] Virtual defragmentation errors
From: "David C. Diemer" <[email protected]>
Date: Fri, 13 Oct 2000 07:03:26 -0400
Sender: [email protected]

It's not a bug but a feature.

FW-1 had a problem with fragmented packets that, under certain
conditions, could cause the firewall to stop responding.  The fix was on 
4.0 SP5 and other releases.  The message is "harmless" if you will permit
me, but it is an indicator of the kind of traffic hitting your firewall.  We see 
it here quite frequently especially by the Real, QuickTime, and other data 
streams. 
     
Something else worth considering, if this is the first time you're seeing it,
then you could consider looking at your MTU size across your routers
and firewall to be sure that they are set to handle a frame of data without
fragmenting it.


David C. Diemer, CCSA, CNE
Enterprise Security Firewall Engineer
Georgia Department of Administrative Services (DOAS)
[email protected]>>> <[email protected]> 10/12/00 04:47PM >>>

I have recently installed FW-1 4.1 SP2 on a Solaris 2.6 box. Since
installation I have been receiving Virtual Defragmentation Errors every 60
seconds indicating anywhere from ten to several thousand dropped packets
per minute reported on the loopback interface. Can anyone tell me why there
is such a large volume of these error and how to correct them?

A sample log excerpt:

Virtual defragmentation error: Large packet (8.0.69.192 -> 0.52.0.0 proto
57 id 65535 len 65535 offset 128) - 12 fragments dropped during the last 60
seconds"
Virtual defragmentation error: Duplicate fragment (8.0.69.0 -> 0.40.20.162
proto 57 id 7397 len 8374 offset 128) - 1130 fragments dropped during the
last 60 seconds"
Virtual defragmentation error: Timeout (8.0.69.0 -> 5.220.238.245 proto 182
id 64052 len 0 offset 0) - 1130 fragments dropped during the last 60
seconds"

Brad Field
IS Manager
[email protected] 
www.himss.org 



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html 
================================================================================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] RE:
Next by Date: [FW1] Virus
Previous by thread: [FW1] Virtual defragmentation errors
Next by thread: [FW1] Anti-Hacker Tools of the trade.
Index(es):
- Date
- Thread