Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Equipment Support » Hardware By Brand » Cisco » pix and fragment riddle
Search Topic:
Uniqs:
154		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Submit a new forum topic ·Forum FAQ ·Submit a FAQ ·Docs Guidelines and Advisories ·EOS/EOL thread
Ciscoworks »
« [Config] DynDNS.org on Cisco 871  
AuthorAll Replies

snarohyans

join:2005-11-10
Indianapolis, IN

reply to highland8
Re: pix and fragment riddle

It looks to me like there is a portion missing to that question...

Typically when executing that command, you should get the following:

pixfirewall(config)# show fragment outside
Interface: outside
Size:2000, Chain:45, Timeout:10
Queue:1060, Assemble:809, Fail:0, Overflow:0

Which indicates:

•A database size limit of 2000 packets.
•The chain length limit of 45 fragments.
•A timeout of ten seconds.
•1060 packets currently awaiting re-assembly.
•809 packets have been fully reassembled.
•No failure.
•No overflow.

Therefore, to answer the question, you would add up the queue and assembled tallies to come up with a total of the number of fragmented packets that have entered the interface.

It sounds incomplete to me, but I might be missing something

Hope this helps!
Aaron
to forum · permalink · · 2006-03-18 10:01:23 · Reply to this

highland8

join:2005-05-24
POLAND

 Hello

On CCSP i have question:
pixfirewall# show fragment
Interface: outside
Size: 200, Chain: 24, Timeout: 5, Threshold: 133

How may fragment packets have entered the outside interface of the PIX Security Appliance since the last time the clear fragment command was executed ?
There are several answers: 133,200,900,915,920,935
And 935 is correct. Why ??
to forum · permalink · · 2006-03-18 08:03:31 · Reply to this
Forums » Equipment Support » Hardware By Brand » CiscoCiscoworks »
« [Config] DynDNS.org on Cisco 871  

Sunday, 29-Nov 08:38:16 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [122] Time Warner Cable Fires Broadside At Broadcasters
· [112] New AT&T Ad Campaign Hits Back At Verizon
· [96] Apple Joins AT&T Verizon Snark Fest
· [87] New Bill Takes Aim At Higher Verizon ETFs
· [80] TiVo Sees Record Customer Losses
· [73] Verizon CEO: Hulu Will Be Dead Soon
· [73] Weekend Open Thread
· [69] In-Flight Internet Headed For Bumpy Landing?
· [62] Thanksgiving Open Thread
· [40] EFF Wages War On Fine Print
Most people now reading
· AV-Comp. Retrospective/Proactive Test 11/2009 released [Security]
· Windows 7 boot manager editing questions [Microsoft Help]
· ToC 4th boss - Preliminary Strategy for Twin Valkyr [World of Warcraft]
· Evading throttling with uTP / uTorrent 1.9a [TekSavvy]
· [ Professions] Northrend Herbalism and Mining Tracks [World of Warcraft]
· Using DIR-615 C1/3.01 with Trendnet TEW-652BRP in N Mode [D-Link]
· Shareport problem on DIR-655 [D-Link]
· Surfers beware !!! [TekSavvy]
· [Newsgroups] Newzleech down? [Filesharing Software]