Cisco Cisco ASR 5000
ACS Rulebase Configuration Mode Commands
▀ tcp packets-out-of-order
▄ Command Line Interface Reference, StarOS Release 18
778
Important:
On the outgoing interface, no in-sequence delivery is guaranteed. This
feature is intended to: -deliver the TCP segments in-order to the ECS analysers -buffer the
original packets during OOO conditions, such that application-based flow actions (ex:
Header insertion) can still take place on the actual data packets Its not intended to put the
packets in-sequence on the outgoing interface (although some improvement can be seen
there as well) -the cost of this feature is additional delay for OOO packets (up to a
maximum of the OOO timeout).
original packets during OOO conditions, such that application-based flow actions (ex:
Header insertion) can still take place on the actual data packets Its not intended to put the
packets in-sequence on the outgoing interface (although some improvement can be seen
there as well) -the cost of this feature is additional delay for OOO packets (up to a
maximum of the OOO timeout).
Immediately: Delivers the TCP out-of-order segments in-sequence to the ECS analyzer after all
packets are received and successfully reordered. The 'immediately' feature is accomplishing this by
making a copy of out-of-order packets, and buffering those, while transmitting the original data
packets through the outgoing interface immediately. When the missing packet is received, complete
deep packet inspection of all the packets and all relevant in-line services is done, and then the last
packet is forwarded.
making a copy of out-of-order packets, and buffering those, while transmitting the original data
packets through the outgoing interface immediately. When the missing packet is received, complete
deep packet inspection of all the packets and all relevant in-line services is done, and then the last
packet is forwarded.
If reordering of the buffered packets is not successful within the specified OOO timeout, all the
subsequent received packets in that TCP flow are forwarded without being passed through the
analysers (except the L3/L4 analyzer). As a consequence only L3/L4 rule matching will take place.
subsequent received packets in that TCP flow are forwarded without being passed through the
analysers (except the L3/L4 analyzer). As a consequence only L3/L4 rule matching will take place.
If memory allocation fails or the received packet is partial retransmitted data, the packet will also be
forwarded immediately without being passed through the protocol analyzers, except for the L3/L4
analysers.
forwarded immediately without being passed through the protocol analyzers, except for the L3/L4
analysers.
Important:
This feature is not changing anything on the sequencing of the packets
-This feature has the consequence that during OOO conditions, certain application-based
flow actions (ex: Header insertion) could not take place as the original packets are already
sent out by the time the ECS analyser receives the (copies of) in-sequence packets.
flow actions (ex: Header insertion) could not take place as the original packets are already
sent out by the time the ECS analyser receives the (copies of) in-sequence packets.
Default:
immediately
Usage
Use this command to configure how to process TCP packets that are out of order, while waiting for the earlier
packet(s) to arrive.
packet(s) to arrive.
Important:
When TCP OOO processing has been configured in the rulebase, a session manager crash might be
observed due to overlapping TCP segments and/or reordering packet arriving within TCP OOO configured timeout
value or default value (5 sec). This issue can be resolved by changing the rulebase configuration for TCP OOO packets
from
value or default value (5 sec). This issue can be resolved by changing the rulebase configuration for TCP OOO packets
from
transmit after-reordering
to
transmit immediately
.
Example
The following command sets the timeout timer to
10000
milliseconds:
tcp packets-out-of-order timeout 10000