Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1638
Views
0
Helpful
9
Replies

SAP outages over Cisco MPLS VPN:ng, not with IPsec

ricardo.frias
Level 1
Level 1

‎05-11-2009 12:09 AM

Hi,

We had a network running SAP over it with IPsec. There was

no troubles with it until we migrated it to MPLS.

Now, while we have not changed SAP configuration, it is

disconnecting from the server randomly on all sites.

We have tried implementing rate-limit to see if there was

some bandwidth issues, but we have confirmed that all links

are running solid and smooth.

However, we can not figured out if a MPLS with Cisco Systems

may have some Issues with SAP traffic. SAP server has not

any timeout configured on it. Also we have reduced the MTU

on all devices to discard package loses ( we saw that some

sites were producing fragmented traffic, and now it's

corrected).

It just happens with SAP connections, all the lines have not

got any cut on this past days.

Has anyone seen an issue with SAP and MPLS VPN:ng networks

before?

Thanks!

1 person had this problem
Labels:
0 Helpful
9 Replies 9

shivlu jain
Level 5
Level 5

‎05-11-2009 12:12 AM

Could you tell me whats the MTU size used by the sp server. This can be the issue only with mtu.

regards

shivlu jain

0 Helpful

ricardo.frias
Level 1
Level 1
In response to shivlu jain

‎05-11-2009 01:11 AM

The SAP server was working with 1500 MTU. Now, we have changed the MTU, and is working at 1430.

0 Helpful

shivlu jain
Level 5
Level 5
In response to ricardo.frias

‎05-11-2009 01:25 AM

are u facing problem after changing mtu or not.

regards

shivlu jain

0 Helpful

ricardo.frias
Level 1
Level 1
In response to shivlu jain

‎05-11-2009 01:34 AM

Hi Shivlu,

Yes, we are having the same problems but now we don't see fragmented packages.

Regards,

Ricardo

0 Helpful

shivlu jain
Level 5
Level 5
In response to ricardo.frias

‎05-11-2009 01:40 AM

actually what happens if the core is supporting MTU of 1500 bytes then customer cannot send the data more than 1478 or 1774(if dot1q is using) data. 20 bytes of ip header + 4 bytes of vpnv4 label + 4 bytes of igp label + 4 bytes of dot1q if used.

In MPLS env. fragmentation is not possible.

regards

shivlu jain

0 Helpful

ricardo.frias
Level 1
Level 1
In response to shivlu jain

‎05-11-2009 02:51 AM

Fragmetantion was doing for IP protocol.

Now, we have configured 1430 MTU ( Under 1474).

Thanks,

Ricardo Frías

0 Helpful

shivlu jain
Level 5
Level 5
In response to ricardo.frias

‎05-11-2009 05:02 AM

yes, fragmentation always occurs in ip protocol, thats why if you l2tpv3 fragmentation works but in case of encapsulation mpls it doesn't.

regards

shivlu jain

0 Helpful

ricardo.frias
Level 1
Level 1
In response to shivlu jain

‎05-13-2009 01:23 AM

Hi,

The problem is not only with SAP service, it happens with all services ( Email). It's more frequently when the user don't use the service for few minutes 3 or 4 ( Timeout). SAP error is "Connection reset by peer".

Regards,

Ricardo Frías

0 Helpful

ricardo.frias
Level 1
Level 1
In response to ricardo.frias

‎05-19-2009 02:57 AM

I have changed the firewall ( Netscreen 25) before the SAP server. This firewall is on the central site. I have installed Zywall 5.

The connection with SAP is working perfectly. I will investigate because SAP connection does not work properly with Netscreen.

0 Helpful
Customers Also Viewed These Support Documents