Properties

PseudoReass_MaxConcurrent

Maximum number of concurrent fragment reassemblies. Set to 0 to drop all fragments. (Default: 1024)

IllegalFrags

Illegally constructed fragments; partial overlaps, bad sizes, etc. (Default: DropLog)

DuplicateFragData

On receipt of duplicate fragments, verify matching data. (Default: Check8)

FragReassemblyFail

Failed packet reassembly attempts - due to timeouts or packet losses. (Default: LogSuspectSubseq)

DroppedFrags

Fragments of packets dropped due to rule base. (Default: LogSuspect)

DuplicateFrags

Duplicate fragments received. (Default: LogSuspect)

FragmentedICMP

Fragmented ICMP messages other than Ping; normally invalid. (Default: DropLog)

IP6NopFrags

Packet is first and last fragment at the same time (and by definition not a fragment, though it have got a fragment header). Note that these packets are legal, and serves a purpose as an non-IPv6 to IPv6 connection mechanism (see rfc2460 for details). (Default: Ignore)

IP6ResvFldFrags

Fragments with a non-zero value in the reserved field (header size for all other extension headers). (Default: StripLog)

IP6ResvBitFrags

Fragments with a non-zero value in the reserved fragment bits. (Default: StripLog)

IP6MinimumFragLength

Minimum allowed payload length of non-last IPv6 fragments. (Default: 640)

MinimumFragLength

Minimum allowed payload length of non-last fragments. (Default: 8)

ReassTimeout

Timeout in seconds of a reassembly, since previous received fragment. (Default: 65)

ReassTimeLimit

Maximum life time in seconds of a reassembly, since first received fragment. (Default: 90)

ReassDoneLinger

How long (in seconds) to remember a completed reassembly (watching for old dups). (Default: 20)

ReassIllegalLinger

How long (in seconds) to remember an illegal reassembly (watching for more frags). (Default: 60)

IP6RejectBadFragLength

Send Parameter Problem error when receiving fragment with bad data length. (Default: No)

IP6SendErrorOnTimeout

Send Time Exceeded error when a fragment reassembly times out. (Default: No)

LocalReass_MaxSize

Maximum size of a locally reassembled packet. This setting applies in addition to normal length limit settings when a fragmented packet is reassembled for processing by the device rather than for forwarding. (Default: 10000)