Solved

CRC errors seeing on Windows Vista and Windows 7 machines but not on Windows XP

Posted on 2010-08-12
7
921 Views
Last Modified: 2012-05-10
Hello,

While I was troubleshooting session disconnects and had to capture traffic on my PC, I discovered that in addition to the disconnects, there were CRC errors on the IP packets. Further checking with Cisco's help showed that this condition was present on my two test PCs, one Windows Vista and one Windows 7. When we tested a Window XP we found no CRC errors in the frames.

The Cisco TAC engineer and I checked every single switch port and trunk-port involved in the path between my two VLANs that were traversed and the router ports as well. No input errors, no CRC errors, at all.

Even packets to the text Windows XP, which is in the same subnet as the Vista and 7 machines show the errors.

Please see attached screen capture of the wireshark net capture. The error occurs on every packet sourced from the Vista computer (10.20.0.95)

If you have any idea or there is a know IP condition in Windows Vista and Windows 7, I'd like to know if there is a workaround or solution to this.

This problem is not the cause of my session disconnects. Wireshark capture - from Vista
0
Comment
Question by:xperttech
  • 3
  • 3
7 Comments
 
LVL 4

Expert Comment

by:mop_se
ID: 33424831
Normally when I have had crc errors it's because of faulty ethernet cables.
0
 
LVL 6

Expert Comment

by:univision-computers
ID: 33425137
You could try updating the NIC drivers as well, are the Vista and 7 machines the same hardware/model?
0
 
LVL 5

Author Comment

by:xperttech
ID: 33425296
Sorry experts. I forgot to mention I had already changed my Vista cable with a new cat 5e. No change.
The Vista machine is a Dell workstation, and the Windows 7 an HPmini netbook.
Too much coincidence the drivers would be the issue, but I will try that.
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 6

Expert Comment

by:univision-computers
ID: 33425542
I vaguely remember having to change the MTU settings in the registry to fix other network related problems with Vista.  I can't seem to find a related article at the moment though.
0
 
LVL 5

Author Comment

by:xperttech
ID: 33430610
Now I need to add to the affected systems by this condition Windows 2008 R2.

I discard the possibility of this being a local issue to the affected hosts. Now I am finding out that my time-sensitive alerts are being generated to to the disconnects in other systems.

No one has seen this???

It looks like a stack issue, but is this a bug starting at Windows Vista on the IP stack???
0
 
LVL 6

Expert Comment

by:univision-computers
ID: 33431192
This article from Cisco may be helpful, although not exactly your setup perhaps.
https://supportforums.cisco.com/message/1326710
0
 
LVL 5

Accepted Solution

by:
xperttech earned 0 total points
ID: 33475265
The problem has to do with TOE (TCP Offload Engine) present in 1Gb and 10Gb NICs. The TCP checksum calculations are passed on to the NIC's CPU for processing as opposed to being calculated by the driver (computer's CPU) favoring thus the performance.

Wireshark is capturing at the software level when you do this right on the computer generating the traffic. When Wireshark captures the TCP/UDP packets, these don't have the checksum computed yet and that's why they are reported as incorrect. The checksums are calculated right before the packets go out the wire and this is long after Wireshark had already captured them.

Disabling the TCP/UPD checksum offload feature in a NIC is recommended ONLY for testing purposes. Instead, you should disabling the feature at Wireshark to avoid the false-positive warnings.

These articles better explains the condition:
http://wiki.wireshark.org/TCP_Checksum_Verification
http://packetlife.net/blog/2008/aug/23/disabling-checksum-validation-wireshark/
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Two of my three WiFi Routers lose connection 6 55
small, multi network, problem 3 84
Stream live video from Raspberry Pi camera 22 117
Valid LIN protocol Protected ID values 1 22
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now