Drops in packet capture

@reaper 

Thank you for your reply.

I have configured a VPN tunnel Site A and site B.My client is in site A and the server belongs from Site B.

 - In the security policy allowed traffic any with specific IP addresses b/w client and server.

 - Once i copied any big file from Server to client i am getting drops packet in a packet capture.

 - I have checked the files are copied through NBSS and SMB2 protocol.

 - When i checked the drops packet in Wireshark, i can see multiple packets TCP retransmissions from server-side and 2 packets also from server side with error: - Notify Response, Error: STATUS_NOTIFY_CLEANUP.

 - My concern is why the firewall is drop packets.

Note: - Files are copied successfully but it takes a too long time.

Please suggest.

Global counters should help with this

It sounds like there may be packets sent out of order or out of window that the firewall is discarding

@reaperThanks you for your quick response.

While packet capture I have run the global counter but I didn't get any drops.

What steps i need to do for fix this issue. is this a firewall issue?

@Jafar_Hussainwhich counters did you see?

It sounds like a network issue you may be able to workaround by relaxing the firewalls tolerance if you are unable to address the network latency

@reaper 

I have seen show counter global filter packet-filter yes delta yes.

but didn't get any drops.

I am not getting this point workaround by relaxing the firewalls tolerance could you please brief.

@Jafar_Hussain  there are several settings that can be set to be less strict (timers, out of window/order packets,...) So network problems are allowed to happen rather than prevented. We'll need to find the global counters you do see to properly advise what to try. Please share the global counters seen

@reaper 

Below is the result of counter command:-

I want to know only is there any issue with the firewall setting? because i have allowed all traffic b/w client and server.

or the traffic is going via a tunnel it may be cause this issue?

Please post the global counters without the drop filter

@reaper 

Oh, i took the capture with drop filter. now it is very tough to access of firewall again.

I will share the counter once i will take access again, apart from this. is there any suggestion from your side?

@reaper 

I am facing this issue with LAN also. traffic is flowing trust zone to DMZ zone internally inside the firewall.

When i check this, the same issue is happening meantime I run the counter and found a firewall drop some packets. below is the snapshot.

please suggest this.

Thanks in advance.

The content engine queue is getting full

This could be due to too many small/large packets or other issues (fragmentation,...), but you used the drop filter again so there's not enough information to make an educated guess

Please try

> Debug dataplane pool statistics

@reaper 

Thanks for the reply.

I will try with command.

@reaper 

Below is the output of the command:- show counter global filter packet-filter yes delta yes

Debug command output I will share later.