Packet loss when connected to sonicwall 2040

Dear Experts

Last three days we are facing a constant packet loss while pinging our mail server IP , which is 3 Mbps 1:1 RF link. Due to this reason, we are unable to send mails from mail clients like Microsoft Outlook. Therefore, Monday morning I logged a call and followed all the instructions as provided by our ISP. The instructions were:-
1. To restart the canopy
2. To restart the sonicwall firewall(canopy was directly connected to it's wan port)
3. They also came to our office and checked through discooneting the wan port of the laptop and connect it directly to a laptop. Strangely there was no packet loss.
4. They recommended us to place a layer2 switch between the canopy and the firewall. Which is in place but still the problem exists.
5. Now they are telling us to replace the firewall.

Please me help to sort out the problem asap.


Who is Participating?
Kevin CrossConnect With a Mentor Chief Technology OfficerCommented:
You run the ping command from a client/server (basically a machine behind your firewall).

Once you find the value that works for you, then I would set in SonicWall and I would definitely check that option but you can investigate for yourself.  The problem I had was based on the fact that MTU size must be consistent on devices in a chain -- in other words, MTU maybe 1500 for your network and works great, but your ISP has there router set to 1470 and so on until in reality only a packet the size of 1400 would make it out to Internet.

The option above further tells SonicWall that as a packet is leaving network bigger than this size you have optimized to then fragment it internally versus happening sometime along the path you have no control over which is what usually ends up in packet loss.

reduce mtu sizu on sonicwall firewall from 1500 to 1470
Kevin CrossChief Technology OfficerCommented:
For MTU, instead of picking an arbitrary amount, you may want to go back to your results of using the ping test with load size and DF bit set as suggested here.


Whatever amount you find works using that method, add 28 to it and set that in SonicWall's MTU size setting for your WAN connection.

ping -l 1288 -f

This is the first value that will work in my environment with an MTU size set to 1316.

You can also check if this setting is available on your SonicWall as I have a different model:
Fragment non-VPN outbound packets larger than this Interface's MTU  

If so, I have found it works with mail / packet loss issues with this checked.

Best regards,
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

mohonaAuthor Commented:
Dear Kevin,

Please clarify some points.

where we run the command ping -l 1288 -f , in client side or from the server network or from the firewall.

This setting is available Fragment non-VPN outbound packets larger than this Interface's MTU , shall I check it or not?


Also make sure you have the latest firmware on all routers and firewalls etc.

I hope this helps !
mohonaAuthor Commented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.