Start a New Discussion

Start a New Discussion

Orbi WiFi 7 RBE973
Reply

xt_TCPMSS: bad length (160 bytes) meaning

Edivas
Aspirant
Aspirant
‎2016-08-24 08:09 AM
‎2016-08-24 08:09 AM

xt_TCPMSS: bad length (160 bytes) meaning

Hi, anyone has an idea what does this error mean:

Tue Aug 23 18:23:58 2016((GMT)) [SRX5308][Kernel][KERNEL] printk: 104130 messages suppressed.
Tue Aug 23 18:23:58 2016((GMT)) [SRX5308][Kernel][KERNEL] xt_TCPMSS: bad length (160 bytes)

Firewall got flooded with it.

Model: SRX5308|PROSAFE Gigabit Quad WAN SSL & IPSEC VPN Firewall
Message 1 of 7
0 Kudos
Reply

Accepted Solutions
Edivas
Aspirant
Aspirant
‎2016-08-25 11:46 PM
‎2016-08-25 11:46 PM

Re: xt_TCPMSS: bad length (160 bytes) meaning

Ok, found an answer what was the cause of it. In my case this was a ddos attack on our servers. I quess it overfilled the firewall with packets or connections. I enabled session limitting then and logs showed connetions from different adreses. That didn't help of course... still got locked out. Only checked the logs when it stopped.

Thanks

 

View solution in original post

Message 3 of 7
0 Kudos
Reply

All Replies
JohnRo
NETGEAR Employee Retired
‎2016-08-25 09:28 AM
‎2016-08-25 09:28 AM

Re: xt_TCPMSS: bad length (160 bytes) meaning

Hello Edivas, 

 

Welcome to the community! 

 

I'm not familiar with the error message you are getting, doing a search online shows different causes on why the error shows up. What changes have you made to the firewall/network before you got this error? How old is the router? 

 

Thanks, 

Message 2 of 7
0 Kudos
Reply
Edivas
Aspirant
Aspirant
‎2016-08-25 11:46 PM
‎2016-08-25 11:46 PM

Re: xt_TCPMSS: bad length (160 bytes) meaning

Ok, found an answer what was the cause of it. In my case this was a ddos attack on our servers. I quess it overfilled the firewall with packets or connections. I enabled session limitting then and logs showed connetions from different adreses. That didn't help of course... still got locked out. Only checked the logs when it stopped.

Thanks

 

Message 3 of 7
0 Kudos
Reply
JohnRo
NETGEAR Employee Retired
‎2016-08-26 08:56 AM
‎2016-08-26 08:56 AM

Re: xt_TCPMSS: bad length (160 bytes) meaning

Hi Edivas,

 

I see. Try enabling "Block TCP flood", you can find this settin in Security>Firewall>Attack checks. See if this will help. 

 

Thanks, 

Message 4 of 7
0 Kudos
Reply
Edivas
Aspirant
Aspirant
‎2016-08-26 10:31 AM
‎2016-08-26 10:31 AM

Re: xt_TCPMSS: bad length (160 bytes) meaning

"Block TCP flood" was enabled and set up at 40 packets per second, but it didn't help. Unless i need to set it to even lower value?

Message 5 of 7
0 Kudos
Reply
JohnRo
NETGEAR Employee Retired
‎2016-08-26 04:45 PM
‎2016-08-26 04:45 PM

Re: xt_TCPMSS: bad length (160 bytes) meaning

Hi Edivas, 

 

I suggest contacting Support for this issue to be looked at. It's possible that it needs to be escalated to engineering. 

 

Thanks, 

Message 6 of 7
0 Kudos
Reply
DaneA
NETGEAR Employee Retired
‎2016-08-30 04:42 AM
‎2016-08-30 04:42 AM

Re: xt_TCPMSS: bad length (160 bytes) meaning

Hi Edivas,

 

Were you able to open an online case with NETGEAR Support for further assistance?  If yes, keep us posted about the progress of your online case.

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 7 of 7
0 Kudos
Reply
Top Contributors
See All
Discussion stats
  • 6 replies
  • ‎2016-08-24 08:09 AM
  • 12783 views
  • 0 kudos
  • 3 in conversation
Announcements