NetBIOS broadcast on switch with ASA firewall

Oct 19th, 2009

Greetings,

I have two network sites now. Both sites are using Cisco switches. The difference is that one site has a Cisco ASA firewall connected (the inside interface of the ASA firewall is the default gateway for all internal hosts).

When I run debug ip packet detail on each site's switch, the one with the ASA firewall keeps receiving NetBIOS (UDP 137/138) broadcasts from Windows servers. These packets slow down some TCP connection setups (like SQL queries). Can anyone tell me why it's different between my two sites? Thanks a lot.


5d18h: IP: s=192.168.5.26 (Vlan5), d=192.168.5.255 (Vlan5), len 229, rcvd 3

5d18h: UDP src=138, dst=138

5d18h: IP: s=192.168.5.26 (Vlan5), d=192.168.5.255, len 229, stop process pak for forus packet

5d18h: UDP src=138, dst=138


5d18h: IP: s=192.168.5.40 (Vlan5), d=192.168.5.255 (Vlan5), len 78, rcvd 3

5d18h: UDP src=137, dst=137

5d18h: IP: s=192.168.5.40 (Vlan5), d=192.168.5.255, len 78, stop process pak for forus packet

5d18h: UDP src=137, dst=137


andrewswanson Tue, 10/20/2009 - 02:14

hello

are you using the ASA's IP address as a helper-address anywhere? if you are, helper addresses forward netbios udp 137 and 138 (as well as dhcp and a few others).

to stop a helper address from forwarding netbios 137/138 use:


no ip forward-protocol udp netbios-ns

no ip forward-protocol udp netbios-dgm


hth

andy


David Lin Tue, 10/20/2009 - 10:30

Hi Andy,

I didn't use any ip forward for any switch. I can't find it in the configuration either.


Both switches are the same model (C4948), same IOS version, same configuration.


Thanks a lot.

David Lin Thu, 10/22/2009 - 07:48

I issued the commands below, but the broadcast persists.

no ip forward-protocol udp netbios-ns

no ip forward-protocol udp netbios-dgm
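
An added example, not part of the original thread: a small Python parser for the `debug ip packet detail` lines quoted in the question, which tallies NetBIOS datagrams per source host so the same capture can be compared between the two sites. The sample text is constructed from the lines in the question, and the function name `netbios_talkers` is hypothetical; it assumes the "stop process pak" line is a second log entry for the packet already reported as "rcvd".

```python
import re
from collections import Counter

# Constructed sample, copied from the debug lines quoted in the question.
SAMPLE = """\
5d18h: IP: s=192.168.5.26 (Vlan5), d=192.168.5.255 (Vlan5), len 229, rcvd 3
5d18h: UDP src=138, dst=138
5d18h: IP: s=192.168.5.26 (Vlan5), d=192.168.5.255, len 229, stop process pak for forus packet
5d18h: UDP src=138, dst=138
5d18h: IP: s=192.168.5.40 (Vlan5), d=192.168.5.255 (Vlan5), len 78, rcvd 3
5d18h: UDP src=137, dst=137
5d18h: IP: s=192.168.5.40 (Vlan5), d=192.168.5.255, len 78, stop process pak for forus packet
5d18h: UDP src=137, dst=137
"""

# IP line: source, ingress interface, destination (egress interface optional), length, note.
IP_RE = re.compile(r"IP: s=(\S+) \((\S+)\), d=(\S+?)(?: \(\S+\))?, len (\d+), (.+)$")
UDP_RE = re.compile(r"UDP src=(\d+), dst=(\d+)")
NETBIOS = {137: "netbios-ns", 138: "netbios-dgm"}


def netbios_talkers(text):
    """Count NetBIOS datagrams per (source, destination, service)."""
    counts = Counter()
    pending = None  # IP header waiting for its UDP detail line
    for line in text.splitlines():
        ip = IP_RE.search(line)
        if ip:
            src, _vlan, dst, _length, note = ip.groups()
            # Assumption: only "rcvd" marks a new packet; the "stop process"
            # line repeats the same packet and must not be counted twice.
            pending = (src, dst) if note.startswith("rcvd") else None
            continue
        udp = UDP_RE.search(line)
        if udp and pending:
            service = NETBIOS.get(int(udp.group(2)))
            if service:
                counts[(pending[0], pending[1], service)] += 1
            pending = None
    return counts


if __name__ == "__main__":
    for (src, dst, service), n in netbios_talkers(SAMPLE).most_common():
        print(f"{src} -> {dst} {service}: {n}")
```
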

