Packet loss when connected to sonicwall 2040

Posted on 2008-11-05
Last Modified: 2013-12-14
Dear Experts

Last three days we are facing a constant packet loss while pinging our mail server IP , which is 3 Mbps 1:1 RF link. Due to this reason, we are unable to send mails from mail clients like Microsoft Outlook. Therefore, Monday morning I logged a call and followed all the instructions as provided by our ISP. The instructions were:-
1. To restart the canopy
2. To restart the sonicwall firewall(canopy was directly connected to it's wan port)
3. They also came to our office and checked through discooneting the wan port of the laptop and connect it directly to a laptop. Strangely there was no packet loss.
4. They recommended us to place a layer2 switch between the canopy and the firewall. Which is in place but still the problem exists.
5. Now they are telling us to replace the firewall.

Please me help to sort out the problem asap.


Question by:mohona
    LVL 5

    Expert Comment

    reduce mtu sizu on sonicwall firewall from 1500 to 1470
    LVL 59

    Expert Comment

    by:Kevin Cross
    For MTU, instead of picking an arbitrary amount, you may want to go back to your results of using the ping test with load size and DF bit set as suggested here.


    Whatever amount you find works using that method, add 28 to it and set that in SonicWall's MTU size setting for your WAN connection.

    ping -l 1288 -f

    This is the first value that will work in my environment with an MTU size set to 1316.

    You can also check if this setting is available on your SonicWall as I have a different model:
    Fragment non-VPN outbound packets larger than this Interface's MTU  

    If so, I have found it works with mail / packet loss issues with this checked.

    Best regards,

    Author Comment

    Dear Kevin,

    Please clarify some points.

    where we run the command ping -l 1288 -f , in client side or from the server network or from the firewall.

    This setting is available Fragment non-VPN outbound packets larger than this Interface's MTU , shall I check it or not?


    LVL 59

    Accepted Solution

    You run the ping command from a client/server (basically a machine behind your firewall).

    Once you find the value that works for you, then I would set in SonicWall and I would definitely check that option but you can investigate for yourself.  The problem I had was based on the fact that MTU size must be consistent on devices in a chain -- in other words, MTU maybe 1500 for your network and works great, but your ISP has there router set to 1470 and so on until in reality only a packet the size of 1400 would make it out to Internet.

    The option above further tells SonicWall that as a packet is leaving network bigger than this size you have optimized to then fragment it internally versus happening sometime along the path you have no control over which is what usually ends up in packet loss.

    LVL 63

    Expert Comment

    Also make sure you have the latest firmware on all routers and firewalls etc.

    I hope this helps !

    Author Closing Comment


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Suggested Solutions

    This article is a step by step guide on how to create a basic PTP link using Ubiquiti airOS devices. This guide can be used on the following Ubiquiti AirMAX devices. Nanostation, Bullets, AirBridge, Nanobeam, NanoBridge to name a few. Please review …
    In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
    This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now