RVS4000 ping questions

Unanswered Question
Sep 7th, 2010
User Badges:

Hello all


I've recently purchased a Cisco RVS4000 router. One feature of the router which appeals to me is the jumbo frame support. In anticipation for getting jumbo frames set I began doing some testing of the router and found some curious results.


With everything set at defalts (not attempting jumbo frame) I'll ping 192.168.1.1 -f -l 1473 from a windows xp workstation and I'll get "Packet needs fragmentation but DF set". This is what I would expect. However, when I ping 192.168.1.1 -f -l 1472 I get a request timed out message, which is not what I would expect. I get request timed out messages all the way down to 1,000 something at which point the packets go through fine. I get the same behavior pinging from different computers and/or different cables. When I plug in my old router and ping 192.168.1.1 -f -l 1472 the packet goes through just fine. Again with the old router, 192.168.1.1 -f -l 1473 produces a fragmentation message.


So is the RVS4000 blocking the pings as some sort of security feature or is there something wrong with the router?


Thanks for your help.

Matt

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
FratianiD Thu, 09/09/2010 - 07:31
User Badges:

I have seen some problems with this router droping sizable (even though still valid) pings.


Check the IPS log...I remember seeing something in my IPS log...something about it dropping pings.

designmule Sat, 09/11/2010 - 07:26
User Badges:

The log shows a list of suspected attacks of the type UDP_SMURF from the ip address of my workstation so it looks to me that the router is blocking the pings.


Here's where this router is a bit over my head...is IPS referring to the firewall? Can I temporarily disable it for the pupose of testing frame sizes?


Thanks for your help I definately know now that I do not have a defective unit.

Matt

FratianiD Sat, 09/11/2010 - 15:19
User Badges:

IPS is intrusion prevention system.


It's sort of like a suppliment to the firewall.


Yes, you can disable the IPS but I've heard there are many problems with doing so...

Temporarily, you should be fine to test.

Actions

This Discussion