Large downloads fail with error "IDP detection OOO Exceed max"

03/26/2020 61 9360

DESCRIPTION:

After the upgrade to 6.5.1, large file downloads are failing at random percentage. When this happens, packets are getting dropped as - IDP detection OOO Exceeded Max (DROPPED, Drop Code: 138(IDP detection OOO Exceeded Max), Module Id: 25(network).

RESOLUTION:

To resolve this issue, first try the following:

1. In the Diag page of the firewall perform the following (replace main.html with diag.html in the URL of the firewall).
   1. Set Deschedule Packet Count to 0 from diag page.
   2. Enable "Enable enforcement of a limit on maximum allowed advertised TCP window with any DPI-based service".
   3. Set a limit on "Maximum allowed advertised TCP window with any DPI-based service enabled (KBytes)" from 256 to 512 | In case it doesn't help, change it back to 256.
2. Under Manage | Network | Interfaces lower the MTU of your default WAN Interface (try with values as low as 1300 just for testing purposes). In case this doesn't help, change it back to the previous MTU value.

If the issue persists, it has been fixed on 6.5.1.2-52n and 6.5.1.3-11n for 6.5.1 releases.

For 6.5.2 releases, please contact our technical support.

There are two ways to contact technical support:

1. Online: Visit mysonicwall.com. Once logged in select Resources & Support | Support | Create Case. 

2. By phone: please use our toll-free number at 1-888-793-2830. Please have your SonicWall serial number available to create a new support case.

If you do not have a mysonicwall.com account create one for free!

ISSUE ID:

204430