Cisco Bug: CSCvv75643 - TCP Issues at vtcp alg layer in DNS NAT with large TCP streams
Sep 29, 2020
- Cisco ASR 1000 Series Aggregation Services Routers
Known Affected Releases
Symptom: The network address translation (NAT) application-level gateway (ALG) for DNS can generate unexpected TCP frames while processing a large request over a TCP connection. With every frame from the server, an ACK is also sent to the client, although there was no traffic. Once the response is processed and sent to the client, client ACKs are forwarded to the server even though the message was already acknowledged. When the available buffer is reached, the connection is expected to reset, but the RST frame is sent to the server only. Subsequent frames generate further RST frames, which are ignored on the client side due to an invalid sequence. The connection remains stuck until the client times out.
Conditions: DNS NAT configuration, and TCP streams larger than about 40 kB.