RV082 droping packets when firewall enabled

Unanswered Question
Aug 24th, 2010

Hi,

I just installed a new RV082 over the weekend on an existing LAN, it substituted an old Motorola router and a Cisco 1548 switch, and I'm finding several major problems.

One problem is about a big percentage of packets being droped over the WAN1 interface (WAN2 will be used when the new line is operational).

After a few tests I found that the firewall is the cause of the problem.  Here's some test output, first with firewall enabled, second with firewall disabled :

$ sudo mtr --report --report-cycles=100 --no-dns cactus-soft.dyndns.org

HOST: LegoSoft                    Loss%   Snt   Last    Avg  Best  Wrst StDev

   1.|-- 192.168.20.253           17.0%   100    0.4    1.4   0.3  10.1   2.1

   2.|-- 200.52.135.105           20.0%   100   34.8   37.8  22.6  54.5   8.9

   3.|-- 200.52.143.34            19.0%   100   29.7   38.9  22.3  93.8  10.3

   4.|-- 200.52.143.173            0.0%   100   44.3   39.1  22.9  83.9  10.8

   5.|-- 201.117.10.142            1.0%   100   38.8   41.7  25.2  59.6   8.4

   6.|-- 201.154.140.249          22.0%   100   33.9   38.9  24.6  62.4   8.0

   7.|-- 189.249.55.236           53.0%   100   51.8   54.6  37.3  77.4   9.8

$ sudo mtr --report --report-cycles=100 --no-dns cactus-soft.dyndns.org

HOST: LegoSoft                    Loss%   Snt   Last    Avg  Best  Wrst StDev

   1.|-- 192.168.20.253            0.0%   100    0.3    1.7   0.3  10.2   2.6

   2.|-- 200.52.135.105            0.0%   100   30.3   40.6  23.2 178.6  17.5

   3.|-- 200.52.143.34             0.0%   100   50.7   43.1  24.9 159.7  21.7

   4.|-- 200.52.143.173            0.0%   100   37.8   40.7  24.4 230.1  24.8

   5.|-- 201.117.10.142            1.0%   100   47.3   41.0  25.7  95.7  11.2

   6.|-- 201.154.140.249           0.0%   100   39.4   42.2  26.1 195.5  19.5

   7.|-- 189.249.55.236            0.0%   100   54.0   56.9  37.1 157.8  18.6

I have repeated the tests and results are similar.  The reverse test, from my home to the office with the RV082 firewall enabled, gives 0% loss accross the board, but on the "System Statistics" the "Error Packets Received" and "Dropped ..." count is pretty high (both show the same number).

I do need a couple of firewall rules, additional to the default ones, to work around the lack of a shared VLAN (the Cisco 1548 has a '*' VLAN that allows you to share say a printer between all VLANS).


Anyone has seen a problem like this?  Is there a fix, workaround, any way to improve performance?

TIA

- - - -

BTW

         Hardware version: 2

         Firmware version: 2.0.0.19-tm

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
rberber07 Sat, 08/28/2010 - 16:05

Answering my own question: false alarm, the RV082's firewall does drop packets with a test like the one I did, which is a standard test used for finding bad routers on a path, but it doesn't drop packets in the general case.

I did a different test, this time testing for throughput, and nothing was dropped.

There remains a bug with the "System Statistics" page, shows several bogus values which don't even make sense, if you keep refreshing the page values jump from zero to a very big number, both of those are obviously invalid.  I didn't find where is that info comming from, the errors reported per port, on each port page, seem credible, but at the Linux level using ifconfig there are no errors reported.

Actions

This Discussion

Related Content