• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2485
  • Last Modified:

Packet loss when connected to sonicwall 2040

Dear Experts

Last three days we are facing a constant packet loss while pinging our mail server IP , which is 3 Mbps 1:1 RF link. Due to this reason, we are unable to send mails from mail clients like Microsoft Outlook. Therefore, Monday morning I logged a call and followed all the instructions as provided by our ISP. The instructions were:-
 
1. To restart the canopy
2. To restart the sonicwall firewall(canopy was directly connected to it's wan port)
3. They also came to our office and checked through discooneting the wan port of the laptop and connect it directly to a laptop. Strangely there was no packet loss.
4. They recommended us to place a layer2 switch between the canopy and the firewall. Which is in place but still the problem exists.
5. Now they are telling us to replace the firewall.

Please me help to sort out the problem asap.

Thanks,
Mohona.

0
mohona
Asked:
mohona
1 Solution
 
devangshroffCommented:
reduce mtu sizu on sonicwall firewall from 1500 to 1470
0
 
Kevin CrossChief Technology OfficerCommented:
For MTU, instead of picking an arbitrary amount, you may want to go back to your results of using the ping test with load size and DF bit set as suggested here.

http:/Q_21718549.html#15859304

Whatever amount you find works using that method, add 28 to it and set that in SonicWall's MTU size setting for your WAN connection.

e.g.
ping www.google.com -l 1288 -f

This is the first value that will work in my environment with an MTU size set to 1316.

You can also check if this setting is available on your SonicWall as I have a different model:
Fragment non-VPN outbound packets larger than this Interface's MTU  

If so, I have found it works with mail / packet loss issues with this checked.

Best regards,
Kevin
0
 
mohonaAuthor Commented:
Dear Kevin,

Please clarify some points.

where we run the command ping www.google.com -l 1288 -f , in client side or from the server network or from the firewall.

This setting is available Fragment non-VPN outbound packets larger than this Interface's MTU , shall I check it or not?

Thanks,
Mohona.

0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
Kevin CrossChief Technology OfficerCommented:
You run the ping command from a client/server (basically a machine behind your firewall).

Once you find the value that works for you, then I would set in SonicWall and I would definitely check that option but you can investigate for yourself.  The problem I had was based on the fact that MTU size must be consistent on devices in a chain -- in other words, MTU maybe 1500 for your network and works great, but your ISP has there router set to 1470 and so on until in reality only a packet the size of 1400 would make it out to Internet.

The option above further tells SonicWall that as a packet is leaving network bigger than this size you have optimized to then fragment it internally versus happening sometime along the path you have no control over which is what usually ends up in packet loss.

Regards.
0
 
SysExpertCommented:
Also make sure you have the latest firmware on all routers and firewalls etc.


I hope this helps !
0
 
mohonaAuthor Commented:
thanx
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now