| Message Code | PIX-4-209003 |
| Severity | Warning |
| Description | Fragment database limit of number exceeded: src = source_address, dest = dest_address, proto = protocol, id = number |
| Explanation | "Too many IP fragments are currently awaiting reassembly. By default, the maximum number of fragments is 200 (refer to the fragment size command in the Cisco Security Appliance Command Reference to raise the maximum). The Cisco ASA limits the number of IP fragments that can be concurrently reassembled. This restriction prevents memory depletion at the Cisco ASA under abnormal network conditions. In general, fragmented traffic should be a small percentage of the total traffic mix. An exception is in a network environment with NFS over UDP where a large percentage is fragmented traffic; if this type of traffic is relayed through the Cisco ASA , consider using NFS over TCP instead. To prevent fragmentation, see the sysopt connection tcpmss bytes command in the Cisco Security Appliance Command Reference." |
| User Action | If this message persists, a denial of service (DoS) attack might be in progress. Contact the remote peer administrator or upstream provider. |
| Reference Links |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.