    Monitoring TCP Statistics for IPv6

    Purpose

    Display all TCP statistics (both IPv4 and IPv6). The TCP statistics are displayed only for the connections that are active within the context of the virtual router:

    • You can use the ip keyword to display only IPv4 statistics.
    • You can use the ipv6 keyword to display only IPv6 statistics.
    • You can use the brief keyword to display summary information or the detailed keyword to display extensive information.
    • You can use the diagnostic keyword to display diagnostic information collected on the TCP statistics in addition to the detailed information. This command shows information only for the connections that are active within the context of the virtual router in which you issue the command.

    Note:

    • You must configure an IPv6 license using the license ipv6 command before using the IPv6 routing protocol configuration commands on the E Series router.
    • All IPv6 routing protocol-related configurations are removed from the virtual router when you issue the no ipv6 command.

    Action

    To display TCP statistics for IPv6:

    host1#show ipv6 tcp statistics
    TCP Global Statistics:
      Connections: 7358 attempted, 4 accepted, 7362 established
            0 dropped, 14718 closed
      Rcvd: 75923 total pkts, 53608 in-sequence pkts, 3120303 bytes
            0 chksum err pkts, 0 authentication err pkts, 0 bad offset pkts
            0 short pkts, 0 duplicate pkts, 0 out of order pkts
      Sent: 82352 total pkts, 44404 data pkts, 657095 bytes
            34 retransmitted pkts, 487 retransmitted bytes
    TCP Session Statistics:
      Local addr: 0.0.0.0, Local port: 23
      Remote addr: 0.0.0.0, Remote port: 0
      State: LISTEN Authentication: None
      Rcvd: 4 total pkts, 0 in-sequence pkts, 0 bytes
            0 chksum err pkts, 0 bad offset pkts, 0 short pkts
            0 duplicate pkts, 0 out of order pkts
      Sent: 0 total pkts, 0 data pkts, 0 bytes
            0 retransmitted pkts, 0 retransmitted bytes
      Local addr: 192.168.1.250, Local port: 23
      Remote addr: 10.10.0.77, Remote port: 2170
      State: ESTABLISHED Authentication: None
      Rcvd: 61 total pkts, 34 in-sequence pkts, 41 bytes
            0 chksum err pkts, 0 bad offset pkts, 0 short pkts
            0 duplicate pkts, 0 out of order pkts
      Sent: 64 total pkts, 45 data pkts, 2304 bytes
            0 retransmitted pkts, 0 retransmitted bytes
      Local addr: 192.168.1.250, Local port: 23
      Remote addr: 192.168.1.139, Remote port: 1038
      State: ESTABLISHED Authentication: None
      Rcvd: 295 total pkts, 159 in-sequence pkts, 299 bytes
            0 chksum err pkts, 0 bad offset pkts, 0 short pkts
            0 duplicate pkts, 0 out of order pkts
      Sent: 281 total pkts, 210 data pkts, 3089 bytes
            0 retransmitted pkts, 0 retransmitted bytes

    To display diagnostic information for all TCP statistics (both IPv4 and IPv6):

    host1#show tcp statistics diagnostic
    ...
    Global Diagnostic Data
        Unknown Connection log
    Source address/port -> local port
             128.127.126.125/124 -> 8080  count: 3
             111.111.111.111/222 -> 3333  count: 4
        # connection-reqs rejected: 0
        # connection-reqs pending: 0
        # sonewconn calls that fail: 0
    ...
      Diagnostics:
        PRU_ Operations counters:
          PRU_ATTACH: 0
          PRU_DETACH: 0
          PRU_BIND: 1
          PRU_LISTEN: 1
          PRU_CONNECT: 0
          PRU_ACCEPT: 0
          PRU_DISCONNECT: 0
          PRU_SHUTDOWN: 0
          PRU_RCVD: 0
          PRU_SEND: 0
          PRU_ABORT: 0
          PRU_CONTROL: 0
          PRU_SENSE: 0
          PRU_RCVOOB: 0
          PRU_SENDOOB: 0
          PRU_SOCKADDR: 0
          PRU_PEERADDR: 0
          PRU_CONNECT2: 0
          PRU_FASTTIMO: 0
          PRU_SLOWTIMO: 0
          PRU_PROTORCV: 0
          PRU_PROTOSEND: 0
        Wildcard Matches: 2
        Rcv'd Packets after connection closed: 0
        Connect request rejected: 0
        Connect request approval pending 0
        New soconnect failed 0
        # Write-Wakeups: 0
        # Read wakeups 0
        # receives after close 0
        Retransmit timer: 0
        Persistence timer: 0
        Keepalive timer: 0
        2MSL timer: 0
        tcpDisconnect()s: 0
        keep T/O pre-estab: 0
        tcpkeeptimeo_idle: 0
    ...
    TCP Connection Event Log (most recent at bottom)
          TCPS_ELOG_PRU_ATTACH
          TCPS_ELOG_PRU_BIND
    
    

    To display extensive information for all TCP statistics (both IPv4 and IPv6):

    host1#show tcp statistics detailed
    ...
    RST/SYN-Ack Protection is: ENABLED
        RSTs acked: 0
        ...Bogus RSTs: 0
        SYNs acked: 0
        ...Bogus SYNs: 0
        Data Insertions rejected: 0 
    PMTUD Information:      PMTUD: ENABLED
        Administrative Minimum MTU: 512
        Administrative Maximum MTU: none
        Timer 1: 10 minutes
        Timer 2: 2 minutes
        # ICMP TooBigs: 0
        # ICMP TooBigs for unk. connection: 0
        PMTU Increase Attempts: 17
        Black Hole Detect Threshold: 50 retransmissions
    ...
    MTU/MSS Information
        ENABLED on this connection
        MSS in effect: 536
        Calculated MSS to peer: 536
        MSS received from peer: 0
        Application set MSS: 0
        Xmit Interface MSS: 0
        MSS Sent to Peer: 0
        "ICMP DestUn, Frag Req'd and DF Set" messages: 0
        Number of attempts to increase PMTU: 0
        Time to next increase attempt: 0 seconds
        Black Hole Detection State: none 
    ...
    Out-of-order Packet Queue Information
      Buffers Outstanding: 25
               High Water: 28
        Buffers discarded: 15
    ...
    TCP-Paws is disabled

    Meaning

    Table 1 lists the show ipv6 tcp statistics command output fields.

    Table 1: show ipv6 tcp statistics Output Fields

    Field Name

    Field Description

    TCP Global Statistics Connections

    • attempted—Number of outgoing TCP connections attempted
    • accepted—Number of incoming TCP connections accepted
    • established—Number of TCP connections established

    TCP Global Statistics Rcvd

    • total pkts—Total number of packets received
    • in-sequence pkts—Number of packets received in sequence
    • bytes—Number of bytes received
    • chksum err pkts—Number of checksum error packets received
    • authentication err pkts—Number of authentication error packets received
    • bad offset pkts—Number of bad offset packets received
    • short pkts—Number of short packets received
    • duplicate pkts—Number of duplicate packets received
    • out of order pkts—Number of packets received out of order

    TCP Global Statistics Sent

    • total pkts—Total number of packets sent
    • data pkts—Number of data packets sent
    • bytes—Number of bytes sent
    • retransmitted pkts—Number of packets retransmitted
    • retransmitted bytes—Number of bytes retransmitted

    Global Diagnostic Data Unknown Connection log

    Includes the following global statistics:

    • Source address/port – local port—Shows the 32 most recent TCP connection attempts that were rejected, including the remote node’s IP or IPv6 address and port, the local port for the connection attempt, and the number of identical attempts that have been received on that port in a row. The reason for rejection is not given. This information may be useful in tracking down DoS attacks.
    • # connection-reqs rejected—Total number of connection attempts that have been rejected
    • # connection-reqs pending—Current number of connection attempts that are pending, awaiting additional data from the peer
    • # sonewconn calls that fail—Number of calls to sonewconn that have failed. This statistic often indicates that either a socket connection limit has been reached or that there was no memory to hold the socket data structures.

    TCP Session Statistics

    • Local addr—Local address of the TCP connection
    • Local port—Local port number of the TCP connection
    • Remote addr—Remote address of the TCP connection
    • Remote port—Remote port number of the TCP connection
    • State—Current state of the TCP connection
    • Authentication—Authentication status of the TCP connection

    TCP Session Statistics Rcvd

    • total pkts—Total number of packets received on the TCP connection
    • in-sequence pkts—Number of packets received in sequence on the TCP connection
    • bytes—Number of bytes received on the TCP connection
    • chksum err pkts—Number of checksum error packets received on the TCP connection
    • bad offset pkts—Number of bad offset packets received on the TCP connection
    • short pkts—Number of short packets received on the TCP connection
    • duplicate pkts—Number of duplicate packets received on the TCP connection
    • out of order pkts—Number of packets received out of order on the TCP connection

    TCP Session Statistics Sent

    • total pkts—Total number of packets sent on the TCP connection
    • data pkts—Number of data packets sent on the TCP connection
    • bytes—Number of bytes sent on the TCP connection
    • retransmitted pkts—Number of packets retransmitted on the TCP connection
    • retransmitted bytes—Number of bytes retransmitted on the TCP connection

    PRU_ Operations counters

    Number of calls for each of the indicated PRU_ operations within the TCP service API. These are per-connection statistics.

    Wildcard Matches

    Number of packets received that matched this TCP connection due to wildcard matching. Matching is expected for listening server connections, such as Telnet, but is not expected for established connections. This is a per-connection statistic.

    Rcv'd Packets after connection closed

    Number of packets received on the connection after the connection has been closed (and before the data structure gets removed). This is a per-connection statistic.

    Connect request rejected

    Number of times an incoming connection request was not approved. This is a per-connection statistic.

    Connect request approval pending

    Number of times that an incoming connection request was held pending, waiting for a subsequent packet. This is a per-connection statistic.

    New soconnect failed

    Number of times a SONEWCONN() was tried on a listening connection and failed. This is a per-connection statistic.

    # Write-Wakeups

    Number of times a “write wakeup” occurred on the connection. This is a per-connection statistic.

    # Read wakeups

    Number of times a “read wakeup” occurred on the connection. This is a per-connection statistic.

    # receives after close

    Number of packets received with data after the connection entered the close-wait state. This is a per-connection statistic.

    Retransmit timer

    Current value of the retransmit timer

    Persistence timer

    Current value of the persistence timer

    Keepalive timer

    Current value of the keepalive timer

    2MSL timer

    Current value of the 2MSL (max segment lifetime) timer

    tcpDisconnect()s

    Number of times BsdTcp::tcpDisconnect() was called. This is a per-connection statistic.

    keep T/O pre-estab

    Number of times the keepalive timer expired before the connection reached the established state. This is a per-connection statistic.

    tcpkeeptimeo_idle

    Number of times the keepalive timer popped, but no keepalive was sent because of connection idle-time considerations. This is a per-connection statistic.

    TCP Connection Event Log (most recent at bottom)

    Event log for the TCP connection. It shows the last 32 events that occurred on the connection. The most recent event is at the bottom of the list. This is per-connection data.

    • TCPS_ELOG_PRU_ATTACH
    • TCPS_ELOG_PRU_BIND

    The following events can be recorded:

    • Fast Timeout
    • 2MSL Timeout
    • Retransmit Timeout
    • Persist Timeout
    • Received FIN packet
    • Received SYN packet
    • Received Retransmission
    • Transmit a FIN packet
    • Transmit a SYN packet
    • Retransmit a packet
    • Did a PRU_ATTACH
    • Did a PRU_DETACH
    • Did a PRU_BIND
    • Did a PRU_LISTEN
    • Did a PRU_CONNECT
    • Did a PRU_CONNECT2
    • Did a PRU_DISCONNECT
    • Did a PRU_ACCEPT
    • Did a PRU_SHUTDOWN
    • Did a PRU_RCVD
    • Did a PRU_SEND
    • Did a PRU_ABORT
    • Did a PRU_SENSE
    • Did a PRU_RCVOOB
    • Did a PRU_SENDOOB
    • Did a PRU_SOCKADDR
    • Did a PRU_PEERADDR
    • The keepalive timer popped. An 8-bit argument describes how the timer was handled:
      • Ignored because the session was not established (that is, not in the OPEN state)
      • Ignored due to idle-timeout considerations
      • A packet was sent
      • Ignored because the connection did not have the keepalive option set OR the connection was in the process of closing

    RST/SYN-Ack DoS Protection

    Specifies when this function is enabled:

    • RSTs acked—Number of RSTs received and then acknowledged by the TCP stack.

      Note: This count is maintained even when the protection functions are disabled. The value indicates the count of packets that would have been acknowledged if the protections were enabled. Providing this information can help determine whether attacks are occurring.

    • Bogus RSTs—Number of RSTs that were judged to be invalid (that is, their timer expired) and therefore ignored
    • SYNs acked—Number of SYNs received and then acknowledged by the TCP stack.

      Note: This count is maintained even when the protection functions are disabled. The value indicates the count of packets that would have been acknowledged if the protections were enabled. Providing this information can help determine whether attacks are occurring.

    • Bogus SYNs—Number of SYNs that were judged to be invalid (that is, their timer expired) and therefore ignored
    • Data Insertions rejected—Number of packets received and dropped because they are believed to have been inserted by an attacker

      Note: This count is maintained even when the protection functions are disabled. The value indicates the count of packets that would have been rejected if the protections were enabled. Providing this information can help determine whether attacks are occurring.

    PMTUD information

    Information regarding path MTU discovery:

    • PMTUD—Status of path MTU discovery on the virtual router: enabled or disabled
    • Administrative Minimum MTU—Minimum MTU that is enabled on any connection; a value of “none” indicates that the minimum is zero (0)
    • Administrative Maximum MTU—Maximum MTU that is enabled on any connection; a value of “none” indicates that the maximum is 65535
    • Timer 1—Amount of time the virtual router waits after receiving an ICMP Too Big message before attempting to increase the path MTU
    • Timer 2—Amount of time the virtual router waits after successfully increasing the MTU before attempting to increase it more
    • # ICMP TooBigs—Number of ICMP Too Big messages that the router has received. When PMTU is disabled, this counter does not increase.
    • # ICMP TooBigs for unk. connection—Number of ICMP Too Big messages that the router has received for TCP connections that do not exist. When PMTU is disabled, this counter does not increase.
    • PMTU Increase Attempts—Number of attempts the router has made to increase the PMTU
    • Black Hole Detect Threshold—Number of successive transmissions that must occur on a connection before that connection treats retransmissions as indications that something is wrong
    • Override MSS—MSS that is advertised to peers, overriding the MSS that is derived from the interface MTU. This line does not appear in the output if you do not set the value.

    MTU/MSS information

    Information regarding path MTU/MSS:

    • PMTU—Status of MTU/MSS on this virtual router: enabled or disabled
    • MSS in effect—MSS currently being used for transmission to the peer. This number changes while various network events occur to cause the router to increase or decrease its estimate of the MSS.
    • Calculated MSS to peer—MSS that path MTU discovery has calculated (if PMTUD is enabled) to the peer
    • MSS received from peer—MSS that the peer received in a TCP MSS option. If no option is received, the value is zero (0).
    • Application set MSS—MSS that an application might have set for the connection
    • Xmit Interface MSS—MSS for the interface used to transmit packets to the peer; calculated as the interface MTU minus the size of the TCP and IP headers.
    • MSS Sent to Peer—MSS that has been advertised to the peer
    • “ICMP DestUn, Frag Req’d and DF Set” messages—Number of ICMP “Destination Unreachable: Fragmentation Required and DF set” messages that the router has received
    • Number of attempts to increase PMTU—Number of times the router has attempted to increase the PMTU by probing with a packet that is larger than the known MTU
    • Time to next increase attempt—Amount of time, in seconds, until the router retries to increase the MTU
    • Black Hole Detection State—State of the black hole detection mechanism: none, detecting, probable, or unknown

    Out-of-Order Packet Queue Information

    Information regarding packet queue buffers:

    • Buffers Outstanding—Number of buffers currently on the connection reordering queue
    • High Water—Most buffers that have ever been on the connection reordering queue
    • Buffers discarded—Number of buffers that were discarded because keeping them would have exceeded the connection maximum

    TCP PAWS is [enabled/disabled]

    Status of the TCP PAWS option; enabled indicates that PAWS is functioning normally (default mode) for TCP segments; disabled indicates that PAWS is disabled for TCP segments
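
    The Unknown Connection log and the RST/SYN-Ack protection counters described in Table 1 can be reviewed by script when tracking down a suspected DoS. The following Python sketch is an added example, not part of the original guide: it parses captured show tcp statistics output, and the sample text, the repeat threshold, and the IPv6 log-line form (same address/port layout as the IPv4 lines) are assumptions.

```python
import ipaddress
import re

# Constructed sample: the page's output layout with non-zero values filled in.
# The IPv6 log line assumes the same "address/port" form as the IPv4 lines.
SAMPLE = """\
Global Diagnostic Data
    Unknown Connection log
Source address/port -> local port
         128.127.126.125/124 -> 8080  count: 3
         111.111.111.111/222 -> 3333  count: 4
         2001:db8::77/40222 -> 23  count: 57
    # connection-reqs rejected: 64
    # sonewconn calls that fail: 2
RST/SYN-Ack Protection is: ENABLED
    RSTs acked: 12
    ...Bogus RSTs: 9
    SYNs acked: 0
    ...Bogus SYNs: 0
    Data Insertions rejected: 1
"""

LOG_LINE = re.compile(r"^\s*(\S+)/(\d+)\s*->\s*(\d+)\s+count:\s*(\d+)\s*$")
# Counters that should stay at zero on a quiet router (labels as printed).
WATCHED = ["# sonewconn calls that fail", "Bogus RSTs", "Bogus SYNs",
           "Data Insertions rejected"]


def parse_unknown_connections(text):
    """Return (source, source_port, local_port, repeat_count) tuples."""
    entries = []
    for line in text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue
        try:
            src = ipaddress.ip_address(m.group(1))  # accepts IPv4 and IPv6
        except ValueError:
            continue  # some other "a/b -> c" line, not a log entry
        entries.append((str(src), int(m.group(2)), int(m.group(3)), int(m.group(4))))
    return entries


def review(text, repeat_threshold=10):
    """Flag noisy rejected sources and non-zero watched counters."""
    findings = []
    for src, sport, lport, count in parse_unknown_connections(text):
        if count >= repeat_threshold:
            findings.append(f"{src} port {sport} -> local port {lport}: "
                            f"{count} identical rejected attempts in a row")
    for label in WATCHED:
        m = re.search(rf"^[\s.]*{re.escape(label)}:\s*(\d+)\s*$", text, re.MULTILINE)
        if m and int(m.group(1)) > 0:
            findings.append(f"{label} = {m.group(1)}")
    return findings
```

    Calling review(SAMPLE) returns one finding for the repeated source and one for each watched counter that is non-zero; because the log holds only the 32 most recent rejected attempts, capture the output regularly if the results feed an alert.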

    Published: 2014-08-13