Symantec Web Gateway logs show the following message, "nf_queue: full at _ entries, dropping packets(s)"

book

Article ID: 156871

calendar_today

Updated On:

Products

Web Gateway

Issue/Introduction

Symantec Web Gateway logs show the following message, "nf_queue: full at _ entries, dropping packets(s)"

Resolution

This message can appear when traffic from an individual system has a high amount of network activity (lots of concurrent connections, etc).  Examples of these types of systems are mail servers, web servers, etc.  Currently the SWG is not designed to protect these type of high activity systems.  To resolve this issue please identify the high activity system(s) and move them to a network segment not protected by the SWG.

If this is not an option please add a whitelist entry for the IP/hostname of the system(s) to Policies->Whitelist.

Please note that when the SWG displays this message some packets may be dropped but the affected systems should recover through normal TCP/IP recovery processes.  If the affected systems are unable to recover and/or experiences other issues due to the SWG dropping packets and the previous workaround does not resolve the issue please contact Symantec Technical Support.