Some times you will see on a Cisco IOS router the following message in your show logging:
009357: Jul 8 09:28:22.214 CDT: %FW-4-TCP_OoO_SEG: Dropping TCP Segment: seq:104330552 1492 bytes is out-of-order; expected seq:104304632. Reason: TCP reassembly queue overflow - session <internal host>:1535 to <external host>:80
This message can be very annoying if you see it. And sometimes it looks that the device is really busy or is getting trouble. There are 2 lines which solve this message and you won’t see it again.
These 2 commands you have to add in your configuration:
ip inspect tcp reassembly queue length 128 ip inspect tcp reassembly timeout 10
After you have entered this command you will see that there aren’t any messages anymore in you logging of you IOS router.
2 thoughts on “Get rid Cisco IOS router message: %FW-4-TCP_OoO_SEG: Dropping TCP Segment”
thanks, this fixed it for me
With zone-based firewall in place, these settings are configured under
“parameter-map type ooo global”