10-19-2009 08:10 AM - edited 03-06-2019 08:11 AM
Greetings,
I have two network sites now. Both two sites are using Cisco switch. The difference is one site has Cisco ASA firewall connected (Inside interface of ASA firewall is the default gateway for all internal hosts).
When I debug the ip packet detail on each 2 site's switch. The one with ASA firewall keeps receieving the Netbios(UDP137/138) broadcast from Windows servers. This packet will slow down the some TCP connection setup(like SQL query). Can anyone tell me why it's different between my two sites? Thanks a lot.
5d18h: IP: s=192.168.5.26 (Vlan5), d=192.168.5.255 (Vlan5), len 229, rcvd 3
5d18h: UDP src=138, dst=138
5d18h: IP: s=192.168.5.26 (Vlan5), d=192.168.5.255, len 229, stop process pak for forus packet
5d18h: UDP src=138, dst=138
5d18h: IP: s=192.168.5.40 (Vlan5), d=192.168.5.255 (Vlan5), len 78, rcvd 3
5d18h: UDP src=137, dst=137
5d18h: IP: s=192.168.5.40 (Vlan5), d=192.168.5.255, len 78, stop process pak for forus packet
5d18h: UDP src=137, dst=137
10-20-2009 02:14 AM
hello
are you using the ASA's IP address as a helper-address anywhere? if you are, helper adresses forward netbios udp137 and 138 (as well as dhcp and a few others).
to stop a helper address from forwarding netbios 137/138 use:
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
hth
andy
10-20-2009 10:30 AM
Hi Andy,
I didn't use any ip forward for any switch. I can't find it in the configuration either.
Both two swich are the same model(C4948), same IOS version, same configuration.
Thanks a lot.
10-22-2009 07:48 AM
I issued below commands but the broadcast persists.
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide