1811 - Packets missing on outside of router

Unanswered Question
Oct 1st, 2009

I am using an 1811 router to connect my network to the Internet. Outgoing mail from our server was getting delayed. I set up packet sniffers on the inside and outside of the router and found that not all the packets were getting through. The server sent 4 SMTP Data packets right after each other and only 2 were sent from the router to the remote host (see attached jpg).

I don't know a lot about routers. What could be blocking/discarding the packets? Is there a way on the router to monitor the packets coming in and going out?

Thanks in advance,

Jason

Paolo Bevilacqua Thu, 10/01/2009 - 08:01

Nice trace, but something is wrong with the server because hosts should never generate IP fragments. Please check the host's interface MTU, etc.

Paolo Bevilacqua Thu, 10/01/2009 - 10:32

You can try removing the ip inspect commands; besides that, there is nothing you can do about it on the router, and you should fix the server instead.

itdept@mertzok.com Thu, 10/01/2009 - 11:17

The MTU setting on the server NIC is 1500. It is a gigabit ethernet connection into the same gigabit switch that the 1811 is connected to. What is a recommended MTU setting?

If I remove the ip inspect settings, won't that affect traffic getting back through the firewall?

Paolo Bevilacqua Thu, 10/01/2009 - 13:31

But the server is sending IP packets longer than 1500, that's not normal.

You still have basic FW protection by virtue of NAT by removing inspect. I have never seen inspect being necessary or blocking any threat.
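
Added example, not part of the original thread or written by any participant: a Python check that reads the IPv4 header fields this discussion turns on (total length, More Fragments flag, fragment offset) and flags fragments and packets longer than the 1500-byte MTU. The headers, addresses, and function names are constructed for illustration.

```python
import struct
from collections import Counter

MTU = 1500  # interface MTU reported for the server NIC in the thread

def build_ipv4_header(total_len, ident, mf=False, df=False, frag_offset_bytes=0):
    """Build a 20-byte IPv4 header (constructed sample data, checksum left at 0)."""
    flags_frag = (0x4000 if df else 0) | (0x2000 if mf else 0) | (frag_offset_bytes // 8)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, ident, flags_frag,
                       64, 6, 0,                   # TTL, protocol (TCP), checksum
                       bytes([192, 0, 2, 10]),     # documentation-range source
                       bytes([198, 51, 100, 25]))  # documentation-range destination

def classify(header, mtu=MTU):
    """Return findings for one IPv4 header: 'fragment' and/or 'oversize'."""
    ver_ihl, _tos, total_len, _ident, flags_frag = struct.unpack("!BBHHH", header[:8])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 header")
    more_fragments = bool(flags_frag & 0x2000)
    offset_bytes = (flags_frag & 0x1FFF) * 8  # field counts 8-byte units
    findings = []
    if more_fragments or offset_bytes:
        findings.append("fragment")   # any piece of a fragmented datagram
    if total_len > mtu:
        findings.append("oversize")   # IP total length exceeds interface MTU
    return findings

def summarize(headers, mtu=MTU):
    """Count findings across a list of captured IPv4 headers."""
    counts = Counter()
    for h in headers:
        for f in classify(h, mtu) or ["ok"]:
            counts[f] += 1
    return dict(counts)

# Constructed sample: one normal packet, a two-piece fragmented datagram,
# and one packet whose IP total length is above the MTU.
SAMPLE = [
    build_ipv4_header(1500, 1, df=True),
    build_ipv4_header(1500, 2, mf=True),
    build_ipv4_header(68, 2, frag_offset_bytes=1480),
    build_ipv4_header(2960, 3, df=True),
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```
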
