CRC errors seeing on Windows Vista and Windows 7 machines but not on Windows XP

Hello,

While I was troubleshooting session disconnects and had to capture traffic on my PC, I discovered that in addition to the disconnects, there were CRC errors on the IP packets. Further checking with Cisco's help showed that this condition was present on my two test PCs, one Windows Vista and one Windows 7. When we tested a Window XP we found no CRC errors in the frames.

The Cisco TAC engineer and I checked every single switch port and trunk-port involved in the path between my two VLANs that were traversed and the router ports as well. No input errors, no CRC errors, at all.

Even packets to the text Windows XP, which is in the same subnet as the Vista and 7 machines show the errors.

Please see attached screen capture of the wireshark net capture. The error occurs on every packet sourced from the Vista computer (10.20.0.95)

If you have any idea or there is a know IP condition in Windows Vista and Windows 7, I'd like to know if there is a workaround or solution to this.

This problem is not the cause of my session disconnects. Wireshark capture - from Vista
LVL 5
xperttechAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

mop_seCommented:
Normally when I have had crc errors it's because of faulty ethernet cables.
0
univision-computersCommented:
You could try updating the NIC drivers as well, are the Vista and 7 machines the same hardware/model?
0
xperttechAuthor Commented:
Sorry experts. I forgot to mention I had already changed my Vista cable with a new cat 5e. No change.
The Vista machine is a Dell workstation, and the Windows 7 an HPmini netbook.
Too much coincidence the drivers would be the issue, but I will try that.
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

univision-computersCommented:
I vaguely remember having to change the MTU settings in the registry to fix other network related problems with Vista.  I can't seem to find a related article at the moment though.
0
xperttechAuthor Commented:
Now I need to add to the affected systems by this condition Windows 2008 R2.

I discard the possibility of this being a local issue to the affected hosts. Now I am finding out that my time-sensitive alerts are being generated to to the disconnects in other systems.

No one has seen this???

It looks like a stack issue, but is this a bug starting at Windows Vista on the IP stack???
0
univision-computersCommented:
This article from Cisco may be helpful, although not exactly your setup perhaps.
https://supportforums.cisco.com/message/1326710
0
xperttechAuthor Commented:
The problem has to do with TOE (TCP Offload Engine) present in 1Gb and 10Gb NICs. The TCP checksum calculations are passed on to the NIC's CPU for processing as opposed to being calculated by the driver (computer's CPU) favoring thus the performance.

Wireshark is capturing at the software level when you do this right on the computer generating the traffic. When Wireshark captures the TCP/UDP packets, these don't have the checksum computed yet and that's why they are reported as incorrect. The checksums are calculated right before the packets go out the wire and this is long after Wireshark had already captured them.

Disabling the TCP/UPD checksum offload feature in a NIC is recommended ONLY for testing purposes. Instead, you should disabling the feature at Wireshark to avoid the false-positive warnings.

These articles better explains the condition:
http://wiki.wireshark.org/TCP_Checksum_Verification
http://packetlife.net/blog/2008/aug/23/disabling-checksum-validation-wireshark/
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
TCP/IP

From novice to tech pro — start learning today.