Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
kyozloveyou_FTNT
Staff
Staff

Created on ‎08-20-2024 11:09 PM

Article Id 334965

Troubleshooting Tip: Exceptional table in hyperscale FortiGate

Description This article describes what is an exceptional table and how to check the counter of these exceptional packets.
Scope FortiGate with Hyperscale enabled.
Solution

In the hyperscale environment, there is an exceptional table.

This exceptional table will record the count of exceptional packets.

The exceptional packets is refer to those icmp unreachable, MTU too big (fragment needed) messages accross ICMP, TCP, UDP and etcs.

 

Below are the command and the output sample:

 

HOSTNAME (global) # fnsysctl cat /proc/net/np7/excp
SSE_TTLCHKF (4 ):5513
SSE_FRAGPKT (6 ):108
IHP_L4CHKFAIL (22 ):182
IHP_L4APSFAIL (25 ):11673
PLE_NOT_SYN (72 ):7833870
L2P_FRAG_EXCP (80 ):589841
L2P_SSE_INFO_FAIL (82 ):140367
icmp_err_handle_nr:1301097
icmp_err_sess_search_nr:1114049
icmp_err_sess_cb_nr:1114049
icmp_err_sess_miss_nr:244502
icmp_err_sent_nr:1033041
icmp_err_fast_nr:60796
icmp_err_pkt_drop_nr:268056
large_pkt_count_nr:17
large_pkt_sess_search_nr:17
large_pkt_sess_cb_nr:17
large_pkt_processed_nr:17
frag_pkt_count_nr:589841
frag_pkt_process_nr:301721
frag_pkt_xmit_nr:288103
ttl_check_fail_handle_nr:5513
sess-stats: 3168/429598

 

Note: These counters will keep increasing without flushing until the FortiGate reboots.
128
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.