Cisco Bug: CSCvv10680 - The host FXOS_MGMT is experiencing an unusual number of failed TCP connections

Last Modified

Jul 31, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

99.10(1.117)

Description (partial)

Symptom:
When monitoring the FTD/FMC management IP via SNMP and polling OID .1.3.6.1.2.1.6.7.0, the customer keeps receiving the alert below on the SNMP server:
The host DEN-EDGE-FXOS01_MGMT is experiencing an unusual number of failed TCP connections, probably incoming connections. There are now 19.97 per second failed connections. This could be caused by incorrect application backlog parameters, or by incorrect OS TCP listen to queue settings.

Captures taken on the FTD tap0 interface show a large number of TCP reset packets, as below:
tcpdump -ilo -n -v 'tcp[tcpflags] & (tcp-rst) != 0'

203.0.113.1.7063 > 203.0.113.1.53106: Flags [R.], cksum 0x132d (correct), seq 0, ack 4217388597, win 0, length 0
18:33:23.128360 IP (tos 0x0, ttl 64, id 48765, offset 0, flags [DF], proto TCP (6), length 40)
203.0.113.1.5504 > 203.0.113.2.54299: Flags [R.], cksum 0xca66 (correct), seq 0, ack 3660491162, win 0, length 0
18:33:23.216276 IP (tos 0x0, ttl 64, id 4994, offset 0, flags [DF], proto TCP (6), length 40)
203.0.113.1.7080 > 203.0.113.1.44534: Flags [R.], cksum 0x6ca8 (correct), seq 0, ack 3646892070, win 0, length 0
18:33:23.229341 IP (tos 0x0, ttl 64, id 4995, offset 0, flags [DF], proto TCP (6), length 40)
203.0.113.1.7063 > 203.0.113.1.53108: Flags [R.], cksum 0x0821 (correct), seq 0, ack 573448818, win 0, length 0
18:33:27.093168 IP (tos 0x0, ttl 64, id 5241, offset 0, flags [DF], proto TCP (6), length 40)
203.0.113.1.7062 > 203.0.113.1.53245: Flags [R.], cksum 0xcea7 (correct), seq 0, ack 1427777655, win 0, length 0
18:33:27.143379 IP (tos 0x0, ttl 64, id 5242, offset 0, flags [DF], proto TCP (6), length 40)
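
One way to summarize such a capture by the endpoint sending the resets, as an added example (not Cisco's code; `parse_resets` and `summarize` are hypothetical names). It parses the two-line `tcpdump -v` format, tolerates the unpaired first and last lines of the excerpt, and marks RST+ACK segments with seq 0, the form a TCP stack uses to refuse a SYN to a port with no listener.

```python
import re
from collections import Counter

# Lines copied from the capture above; its first body and last header line are unpaired.
SAMPLE = """\
203.0.113.1.7063 > 203.0.113.1.53106: Flags [R.], cksum 0x132d (correct), seq 0, ack 4217388597, win 0, length 0
18:33:23.128360 IP (tos 0x0, ttl 64, id 48765, offset 0, flags [DF], proto TCP (6), length 40)
203.0.113.1.5504 > 203.0.113.2.54299: Flags [R.], cksum 0xca66 (correct), seq 0, ack 3660491162, win 0, length 0
18:33:23.216276 IP (tos 0x0, ttl 64, id 4994, offset 0, flags [DF], proto TCP (6), length 40)
203.0.113.1.7080 > 203.0.113.1.44534: Flags [R.], cksum 0x6ca8 (correct), seq 0, ack 3646892070, win 0, length 0
18:33:23.229341 IP (tos 0x0, ttl 64, id 4995, offset 0, flags [DF], proto TCP (6), length 40)
203.0.113.1.7063 > 203.0.113.1.53108: Flags [R.], cksum 0x0821 (correct), seq 0, ack 573448818, win 0, length 0
18:33:27.093168 IP (tos 0x0, ttl 64, id 5241, offset 0, flags [DF], proto TCP (6), length 40)
203.0.113.1.7062 > 203.0.113.1.53245: Flags [R.], cksum 0xcea7 (correct), seq 0, ack 1427777655, win 0, length 0
18:33:27.143379 IP (tos 0x0, ttl 64, id 5242, offset 0, flags [DF], proto TCP (6), length 40)
"""

HEADER = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d+) IP ")
BODY = re.compile(r"^\s*([\d.]+)\.(\d+) > ([\d.]+)\.(\d+): Flags \[([^\]]*)\],.*?\bseq (\d+)")

def parse_resets(text):
    """Yield one record per RST segment, attaching the preceding header's timestamp."""
    ts = None
    for line in text.splitlines():
        if header := HEADER.match(line):
            ts = header.group(1)
            continue
        body = BODY.match(line)
        if body and "R" in body.group(5):
            src, sport, dst, _dport, flags, seq = body.groups()
            yield {
                "ts": ts,  # None when the header line is missing from the excerpt
                "listener": (src, int(sport)),  # endpoint that sent the RST
                "self": src == dst,  # host resetting its own connection attempt
                # RST+ACK with seq 0 is the reply a stack sends to a SYN on a closed port
                "refused_syn": flags == "R." and seq == "0",
            }
        ts = None  # a header only applies to the line directly after it

def summarize(text):
    """Aggregate RSTs so the ports refusing connections stand out."""
    rsts = list(parse_resets(text))
    return {
        "total": len(rsts),
        "by_listener": Counter(r["listener"] for r in rsts),
        "self": sum(r["self"] for r in rsts),
        "refused_syn": sum(r["refused_syn"] for r in rsts),
        "orphans": sum(r["ts"] is None for r in rsts),
    }
```

Calling `summarize()` on a longer capture and reading `by_listener.most_common()` shows which local ports account for most of the refused connections.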

Conditions:
Cisco Firepower 2100 all versions
Firepower Management Center (VMWare)