I have a small LAN utilizing a T1 line from One Communications. Static IP address.
30 workstations. Windows 2003 DHCP server.
Installed new RV-120W firewall router last week replacing an old Netgear unit.
Setup VPN tunnel on unit, have remote access in for about 10 users.
That part works good. A tad slow, but acceptable.
My Issue: internet connectivity on internal LAN is in and out. It is extrememly choppy.
Download and Upload speeds have been consistent (~2.5M/sec)
External Pings show very minimal loss if any.
Users have seem intermitant loss of web streams and corrupt downloads. 90% web activity is ok, but then we keep getting "cannot display webpage error".
NSLOOKUP will show DNS, but occasssionally "TIMEOUT" occurs.
I had provider perform loop-back tests and replace WIC on CISCO T1 1841 Router, but I am still seeing the behavior.
In reading other forms, I am seeing this is a continuous issue with the RV routers.
Static IP / DNS on Router.
MTU set back at 1500. I have adjusted it down incrementally to 1350.
Windows 2003 Server has RV120W address as router / gateway.
T1 to CISCO 1841 ROUTER... to CISCO RV120W...to LAN via (2) CISCO SLM248G Switches.
I did not setup any port forwards.
I am continuing Line tests on my end, but like I said this issue was not existent with Netgear unit.
Please advise with any setting changes / suggestions.
Hi Jason et al..
i believe the technician are now aware of a UDP issue on the Rv120W.
The internal discussions on the issue from R&D and development seems to be;
1. By default on RV120W there is a UDP Flood attack check which limits 25 UDP Connections Per Client in one instance, i.e at a particular time instance a PC behind this router can establish only 25 UDP Transactions, if we exceed router drops UDP Packets.
2. We have a script that sends dns lookup queries at a very high rate than the router clears the UDP entries, this way we build up the UDP entry table in the router(i.e 25 entries)
3. Once 25 limit is reached we are unable to resolve further DNS queries, using the script or using the browser.
4. In the real world scenarios there might be one PC behind the router and open a website where all the items on the webpage are linked to different website, if you open this kind of website it may have links to more that 25 different website and clog the routers UDP table for that particular PC and user might not be able to resolve further DNS queries and unable to browse any new websites. This unability to browse happens until the UDP entries on the router time outs and are cleared.
5. This limit of 25 is because of the feature called Block UDP flood on the router which is enabled by default.
6. Once we disable the block UDP Flood, router does not check for 25 UDP Connections limit and dns resolution is continuous without a break.
This is what a customers in the field might be seeing interruptions in DNS resolutions and website browse failed.
Some customers explicitly talked about DNS failures.
Jason I can see you have placed a service call, so hopefully CCORAL who posted on the 15 August should be helping you.
So Folks, If the Technician deem the problem not a hardware issue requiring RMA, the technician will escalate the call to our Level 2 folks in Irvine, probably CCORAL. You will get assistance to resolve this issue.
The Small Business Support center, should be aware of the problem. Please feel free to show them this posting, i am willing to chat with them to get the ball rolling.
So again, if you have not done so already, please contact the SBSC and place a service request and keep a copy of that number they give you as a reference (you may need it). My appologies for the inconvenience you have all had.
Small Business, Channel Systems Engineer
Cisco - Research Triangle Park. USA