AnsweredAssumed Answered

TCP Segment limit enforcement

Question asked by Michael Gonnason on May 4, 2018
Latest reply on May 6, 2018 by Michael Gonnason

Does anyone have any details regarding "TCP Segment limit enforcement" is? We are running R80.10 take 70 on all devices.

 

We recently had an issue where our Checkpoint was causing a slowdown in all traffic, which was solved by failing over the cluster. 

 

After that I was looking through the logs and saw millions of matches on the IPS protection "TCP Segment limit enforcement".

 

We did not have any network events, or loops, during this issue. Some traffic would make it fine, as it was seemingly random as to what the Checkpoint would drop.

 

I did find a seeming related SK but it is only for R77: sk114529

Traffic is dropped by IPS protection "TCP Segment Limit Enforcement" due to attack "TCP segment out of maximum allowed s… 

Outcomes