Large downloads fail with error "IDP detection OOO Exceed max"

03/26/2020 66 People found this article helpful 40,733 Views

Download

Print

Share

• LinkedIn
• Twitter
• Facebook
• Email
• Copy URL The link has been copied to clipboard

Description

After the upgrade to 6.5.1, large file downloads are failing at random percentage. When this happens, packets are getting dropped as - IDP detection OOO Exceeded Max (DROPPED, Drop Code: 138(IDP detection OOO Exceeded Max), Module Id: 25(network).

Resolution

To resolve this issue, first try the following:

1. In the Diag page of the firewall perform the following (replace main.html with diag.html in the URL of the firewall).
   1. Set Deschedule Packet Count to 0 from diag page.
   2. Enable "Enable enforcement of a limit on maximum allowed advertised TCP window with any DPI-based service".
   3. Set a limit on "Maximum allowed advertised TCP window with any DPI-based service enabled (KBytes)" from 256 to 512 | In case it doesn't help, change it back to 256.
2. Under Manage | Network | Interfaces lower the MTU of your default WAN Interface (try with values as low as 1300 just for testing purposes). In case this doesn't help, change it back to the previous MTU value.

If the issue persists, it has been fixed on 6.5.1.2-52n and 6.5.1.3-11n for 6.5.1 releases.

For 6.5.2 releases, please contact our technical support.

There are two ways to contact technical support:

1. Online: Visit mysonicwall.com. Once logged in select Resources & Support | Support | Create Case. 

2. By phone: please use our toll-free number at 1-888-793-2830. Please have your SonicWall serial number available to create a new support case.

If you do not have a mysonicwall.com account create one for free!

ISSUE ID:

204430

Related Articles

• DNS Resolution of Wildcard FQDN Address Objects
• All associated wildcard FQDN IP addresses do not display in the web browser
• How to Re-Install The Junk Store

Categories

• Firewalls > SonicWall NSA Series
• Firewalls > NSa Series
• Firewalls > TZ Series