Solved

CISCO1921/K9 IP_VFR-4-FRAG_TABLE_OVERFLOW

Posted on 2013-11-19
6
2,156 Views
Last Modified: 2013-11-21
Hello Experts,

I have upgraded our copper ADSL line ( 4MB) to Fiber Optic 100 MB Internet Connection.

I am receiving following warning on our cisco router 1921

*Nov 19 09:40:12.123: %IP_VFR-4-FRAG_TABLE_OVERFLOW: Dialer0: the fragment table
 has reached its maximum threshold 64

Can someone please advise on the cause and the fix please.


Some outputs

interface Dialer0
 ip address negotiated
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly in max-reassemblies 64
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication pap chap callin
 ppp chap hostname XXXXXXXXXX
 ppp chap password 0 8730
 ppp pap sent-username XXXXXXXXXXX password 0 8730
 no cdp enable
end

interface Dialer0
 ip address negotiated
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly in max-reassemblies 64
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication pap chap callin
 ppp chap hostname 126652897@stc.net.sa
 ppp chap password 0 8730
 ppp pap sent-username 126652897@stc.net.sa password 0 8730
 no cdp enable
end

Dialer0:
   Virtual Fragment Reassembly (VFR) is ENABLED [in]
   Concurrent reassemblies (max-reassemblies): 64
   Fragments per reassembly (max-fragments): 32
   Reassembly timeout (timeout): 3 seconds
   Drop fragments: OFF

   Current reassembly count:0
   Current fragment count:0
   Total reassembly count:2590809
   Total reassembly timeout count:37



Thanks
0
Comment
Question by:cciedreamer
  • 2
  • 2
  • 2
6 Comments
 
LVL 1

Accepted Solution

by:
thrigger earned 500 total points
ID: 39659099
The message %IP_VFR-4-FRAG_TABLE_OVERFLOW suggests that your router is handling lots of fragmented IP packets and is running low on the buffer that holds the data to identify the fragments. This buffer can be enlarged using the command ip virtual-reassembly max-reassemblies 512 on your Gi0/0 interface to allow 512 packets to be virtually reassembled for ACL purposes at a time. However, a more appropriate course of action would be to identify why are you receiving so many fragmented packets. Clearly the virtual reassembly size of 64 packets is the cause of this.
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 39659104
Normally one of the causes of fragmentation could be a wrongly set mtu. From the top of my head 1492 should be ok for a ppp connection but you might want to check (with your ISP).
The other thing you can do is, like thrigger said, raise the value of the reassembly (though that might not address the cause of the issue).
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 39659168
I have configured the below command and so far no  warning messages.

ip virtuak-reassemble max-reassemblies 512

But what could be the reason for those messages.

Thanks
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 35

Expert Comment

by:Ernie Beek
ID: 39659178
Well, like I stated above (mtu settings). Also, when using IPSec, GRE, etc you can expect this.
0
 
LVL 1

Expert Comment

by:thrigger
ID: 39659193
High CPU usage caused by the low max-reassemblies you set and also there is no hardware acceleration support for the 1921 routers.
0
 
LVL 3

Author Closing Comment

by:cciedreamer
ID: 39667815
Thanks it's solved
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now