10-19-2009 08:10 AM - edited 03-06-2019 08:11 AM
Greetings,
I have two network sites now. Both two sites are using Cisco switch. The difference is one site has Cisco ASA firewall connected (Inside interface of ASA firewall is the default gateway for all internal hosts).
When I debug the ip packet detail on each 2 site's switch. The one with ASA firewall keeps receieving the Netbios(UDP137/138) broadcast from Windows servers. This packet will slow down the some TCP connection setup(like SQL query). Can anyone tell me why it's different between my two sites? Thanks a lot.
5d18h: IP: s=192.168.5.26 (Vlan5), d=192.168.5.255 (Vlan5), len 229, rcvd 3
5d18h: UDP src=138, dst=138
5d18h: IP: s=192.168.5.26 (Vlan5), d=192.168.5.255, len 229, stop process pak for forus packet
5d18h: UDP src=138, dst=138
5d18h: IP: s=192.168.5.40 (Vlan5), d=192.168.5.255 (Vlan5), len 78, rcvd 3
5d18h: UDP src=137, dst=137
5d18h: IP: s=192.168.5.40 (Vlan5), d=192.168.5.255, len 78, stop process pak for forus packet
5d18h: UDP src=137, dst=137
10-20-2009 02:14 AM
hello
are you using the ASA's IP address as a helper-address anywhere? if you are, helper adresses forward netbios udp137 and 138 (as well as dhcp and a few others).
to stop a helper address from forwarding netbios 137/138 use:
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
hth
andy
10-20-2009 10:30 AM
Hi Andy,
I didn't use any ip forward for any switch. I can't find it in the configuration either.
Both two swich are the same model(C4948), same IOS version, same configuration.
Thanks a lot.
10-22-2009 07:48 AM
I issued below commands but the broadcast persists.
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: