Solved: router dropping smtp packets

sikusikanyika · ‎05-30-2012

we have a cisco 800 series router between the internal network and the WAN. the problem is we are unable to receive some of our mail due to dropped packets by our router.

the conversation between the two servers stops at the point were our server responds with the command 250 2.1.5 user@mydomain.com | 354 Start mail input; end with . i was able to trace the packet, using Packet Export, on the internal interface but not on the external interface. Also i have noticed that the external interface has about 160,000 unknown protocol drops while the internal interface has 0.

Is there anyway to find out way the external interface is dropping the packets.

we have no pix firewall enabled on the router.

Giuseppe Larosa · ‎05-30-2012

Hello Nosiku,

but the configuration is complete?

I see a line :

class-map type inspect match-all sdm-nat-http-1

there is CBAC configured on the device or this is just an orphan line?

The NAT pool uses the primary or the secondary address of the WAN interface?

you have masked everything with x.x.x.x so some details have been lost

For the kind of issue you were describing my guess was that CBAC was involved, but it looks like not configured

the only line referring to the SMTP server should be

ip nat inside source static tcp 192.168.5.12 25 x.x.x.x 25 extendable

Hope to help

Giuseppe

View solution in original post

Giuseppe Larosa · ‎05-30-2012

Hello Nosiku,

without seeing the router configuration it is not possible to say something meaningful.

Remove username/passwords change or mask public IP addresses and then you can attach a txt file with your filtered configuration.

Your router is probably configured for CBAC with ip inspect statements.

The unknown protocol drops on the WAN interface is likely not related to your issue: it just means that packets belonging to a protocol the router interface is not configured for are received on it.

Examples are: L2 protocols like STP BPDUs or other L2 protocol like DTP or ISIS hellos on devices not configured for this routing protocol.

Edit:

if the unknown protocol drops increments by 1 at each show interface your router may be affected by a SW bug related to this counter ( cosmetic in Cisco language)

Hope to help

Giuseppe

sikusikanyika · ‎05-30-2012

hello Giuseppe.

do you mean the running configuration. i have attached it

Giuseppe Larosa · ‎05-30-2012

Hello Nosiku,

but the configuration is complete?

I see a line :

class-map type inspect match-all sdm-nat-http-1

there is CBAC configured on the device or this is just an orphan line?

The NAT pool uses the primary or the secondary address of the WAN interface?

you have masked everything with x.x.x.x so some details have been lost

For the kind of issue you were describing my guess was that CBAC was involved, but it looks like not configured

the only line referring to the SMTP server should be

ip nat inside source static tcp 192.168.5.12 25 x.x.x.x 25 extendable

Hope to help

Giuseppe

sikusikanyika · ‎05-30-2012

hello Giuseppe,

yes it is complete.

i am not the one who configured the router we had an outside consultant do it for us as cisco is not my strong suite. he has been working on this problem for the past month but we are still experiencing the problem.he says he has configured it to the minimum configurations, i.e. no firewall, and no access lists.

it uses the secondary i think. i have re-attached the configuration file.

thanks for your help

nosiku