Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco ASA 5510 Adaptive Security Appliance
  5. Leaflet

Cisco Cisco ASA 5510 Adaptive Security Appliance Leaflet

Download
Page of 1264
 
3-25
Cisco ASA Series 명령 참조, S 명령      
 
3      show as-path-access-list through show auto-update 명령
  show asp drop    
----------------------------------------------------------------
Name: tcp-conn-limit
TCP connection limit reached:
    This reason is given for dropping a TCP packet during TCP connection establishment 
phase when the connection limit has been exceeded. The connection limit is configured via 
the 'set connection conn-max' action command.
Recommendation:
    If this is incrementing rapidly, check the syslogs to determine which host's 
connection limit is reached. The connection limit may need to be increased if the traffic 
is normal, or the host may be under attack.
Syslogs:
    201011
----------------------------------------------------------------
Name: conn-limit
Connection limit reached:
    This reason is given for dropping a packet when the connection limit or host 
connection limit has been exceeded. If this is a TCP packet which is dropped during TCP 
connection establishment phase due to connection limit, the drop reason 'TCP connection 
limit reached' is also reported.
Recommendation:
    If this is incrementing rapidly, check the syslogs to determine which host's 
connection limit is reached. The connection limit may need to be increased if the traffic 
is normal, or the host may be under attack.
Syslogs:
    201011
----------------------------------------------------------------
Name: tcp_xmit_partial
TCP retransmission partial:
    This counter is incremented and the packet is dropped when check-retransmission 
feature is enabled and a partial TCP retransmission was received.
Recommendations:
    None
Syslogs:
    None
----------------------------------------------------------------
Name: tcpnorm-rexmit-bad
TCP bad retransmission:
    This counter is incremented and the packet is dropped when check-retransmission 
feature is enabled and a TCP retransmission with different data from the original packet 
was received.
Recommendations:
    None
Syslogs:
    None
----------------------------------------------------------------
Name: tcpnorm-win-variation
TCP unexpected window size variation: