Packet returning via different path problem when using TCP

b.hart
Level 1

Currently we are in a period of migrating our WAN from leased line to Frame Relay.

Here is the problem. All VLAN 1 traffic is currently routed via the new FR network for testing. All other VLANs are routed via the old leased lines. If I ping from VLAN 1 to a remote machine on, say, VLAN 105, I get a reply. The packet goes over the leased line and returns via the FR WAN. That is to be expected. This ping is UDP. Right?

If I telnet from VLAN 1 to a remote machine on VLAN 1 everything is OK because both the outgoing and incoming packets follow the same paths. With me so far?

If I telnet from VLAN 1 to VLAN 105 on the remote site I cannot get a telnet session. The outgoing packets are going via the FR WAN and the return packets are going over the leased line. Is there a problem with TCP communication where the return path is different to that of the outgoing path? That is my question.

3 Replies

svermill
Level 4

There are security implementations that check to ensure incoming TCP was "established" by an inside source. I believe that part of being established (aside from the bit being set) is that some stateful information match up. Any PIX experts out there?

yagnesh.patel
Level 1

TCP should not have any problems with asymmetric routing; otherwise the internet would die.

Of course TCP knows nothing of the mechanics of the lower layer protocols. So symmetry is not a TCP concept. But I was hoping for a PIX/security expert to comment on how stateful information (such as incoming/outgoing ports) affects permissions for various types of traffic flows.
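
An added illustration, not part of any poster's reply: a minimal Python model of the distinction raised in the thread between a stateless "established" check (ACK or RST bit set) and a stateful filter that must itself have seen the outbound segment. The addresses, ports, and the assumption that a separate filtering device sits on each WAN path are constructed for the example; the thread does not say whether such a device exists in this network.

```python
from dataclasses import dataclass

SYN, RST, ACK = 0x02, 0x04, 0x10  # TCP flag bits

@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: int

def established_acl(seg):
    """Stateless check: permit inbound TCP only if ACK or RST is set."""
    return bool(seg.flags & (ACK | RST))

class StatefulFilter:
    """Permits inbound TCP only if this device recorded the outbound flow."""
    def __init__(self):
        self.flows = set()

    def outbound(self, seg):
        # Record the 4-tuple when the inside host opens the connection.
        self.flows.add((seg.src, seg.sport, seg.dst, seg.dport))
        return True

    def inbound(self, seg):
        # A reply is allowed only if it mirrors a flow this device saw leave.
        return (seg.dst, seg.dport, seg.src, seg.sport) in self.flows

def telnet_handshake(out_dev, return_dev):
    """SYN leaves through out_dev; SYN-ACK comes back through return_dev."""
    # Constructed sample hosts: a VLAN 1 client and a VLAN 105 telnet server.
    syn = Segment("10.1.0.10", 40000, "10.105.0.20", 23, SYN)
    syn_ack = Segment(syn.dst, syn.dport, syn.src, syn.sport, SYN | ACK)
    out_dev.outbound(syn)
    return return_dev.inbound(syn_ack)

if __name__ == "__main__":
    same = StatefulFilter()
    print("symmetric path :", telnet_handshake(same, same))
    print("asymmetric path:", telnet_handshake(StatefulFilter(), StatefulFilter()))
```

In this model the SYN-ACK passes a stateless "established" check on either path because its ACK bit is set, but a stateful device on the return path drops it because the matching SYN left through a different device.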