Skip to main content

Exciting new changes are coming to the Knowledge Base site soon!
Starting April 4, 2023, you will notice Support-Specific categorization and improvements to the search filters on the site. In May, we will be launching a new and enhanced Site UI and Navigation. To know more, read our Knowledge Article.

NetApp Knowledge Base

TCP Reassembly Queue Overflows Lead to Poor Performance and Possible Application Disruption on 8.2.5P2 7-mode or ONTAP 9.1P16

Last Updated:

Applies to

  • ONTAP 9.1 
  • Data ONTAP 8.2 7-Mode 


A security vulnerability fix in the ONTAP networking stack causes Transmission Control Protocol (TCP) performance to degrade and causes ONTAP to send invalid Selective Acknowledgement (SACK) options in the header of TCP packets. These invalid SACK options can expose an issue in some client networking stacks, causing the clients to fail to retransmit packets on normal retransmit timeout intervals. This interaction can cause application outages. For example, this problem may lead to NFS timeouts or SnapMirror failures.


7-mode 8.2.5P2

Command: netstat -s -p tcp 

Counter: <no. packets> discarded because reassembly queue overflow 

ONTAP 9.1P16


node run -node <node> netstat -s -p tcp 

systemshell -node <node> netstat -s -p tcp 


For node level command: 

<no. packets> discarded because reassembly queue overflow 

For systemshell level command: 

<no. packets> discarded due to memory problems 

  • A packet-trace is needed during a problem to confirm if invalid SACK packets are being sent on the affected ONTAP versions. The invalid SACK packets will have an ACK value between one of the SACK left and right edge pairs. 

For each SACK range: 

If (SACK left edge <= ACK Value < SACK right edge) then an invalid SACK packet is confirmed.


Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

Scan to view the article on your device