mysticswami
asked on
ASA-5505 & PPPoE MTU issues
Hello,
Having an issue with a DSL circuit. We have the Actiontec DSL modem in transparent bridge mode. The modem defaults to an MTU of 1500 when set this way.
I am able to get the circuit up on the ASA via PPPoE username/password. I have set the MTU on the ASA to 1500, 1492, 1464, and 1424. No matter what this is set to on the ASA it results in web traffic being extremely slow and/or fails to load. I recognized this as a probable MTU issue and did a WireShark packet capture that shows Header Checksum errors, may be caused by IP checksum offload? and an occasional "Malformed Packet".
Attached is a sho run of the ASA. Would really appreciate any ideas on this one. I can't seem to set the MTU on the ASA to resolve this. I opened a case with Cisco TAC a week ago, but so far they have been less than helpful/timely in their response. Hoping I might have better luck here.
Thanks!
Having an issue with a DSL circuit. We have the Actiontec DSL modem in transparent bridge mode. The modem defaults to an MTU of 1500 when set this way.
I am able to get the circuit up on the ASA via PPPoE username/password. I have set the MTU on the ASA to 1500, 1492, 1464, and 1424. No matter what this is set to on the ASA it results in web traffic being extremely slow and/or fails to load. I recognized this as a probable MTU issue and did a WireShark packet capture that shows Header Checksum errors, may be caused by IP checksum offload? and an occasional "Malformed Packet".
Attached is a sho run of the ASA. Would really appreciate any ideas on this one. I can't seem to set the MTU on the ASA to resolve this. I opened a case with Cisco TAC a week ago, but so far they have been less than helpful/timely in their response. Hoping I might have better luck here.
Thanks!
Last Comment
Imal Upalakshitha
i'm sure this is not an issue with MTU value. speed should be ok with default value. i think it is a physical issue like connectivity, signal condition, line condition
If you configure a laptop with the same setting as the outside interface of your ASA and plug this in instead of the ASA do you get issues with speed?
The interface your are connecting the to the ASA will act just as a standard Ethernet interface - I think MTU is a red herring for you on this one. MTU just defines the max size of a packet that can be transmitted.
Defo look into your cabling - make sure you have ADSL filters replaced as well
Can you use another DSL modem? Ive never seen/heard of this manufacturer... Sometimes with these boxes they do functions in hardware that aren't 'REAL' networking - like fudging traditional port forwarding etc... I would replace it with a plain old Netgear DG834 - disable all the NAT/Firewall options and test from there.
My gut is that this is a modem/cable issue - I think your ASA is not the cause of this.
The interface your are connecting the to the ASA will act just as a standard Ethernet interface - I think MTU is a red herring for you on this one. MTU just defines the max size of a packet that can be transmitted.
Defo look into your cabling - make sure you have ADSL filters replaced as well
Can you use another DSL modem? Ive never seen/heard of this manufacturer... Sometimes with these boxes they do functions in hardware that aren't 'REAL' networking - like fudging traditional port forwarding etc... I would replace it with a plain old Netgear DG834 - disable all the NAT/Firewall options and test from there.
My gut is that this is a modem/cable issue - I think your ASA is not the cause of this.
ASKER
Thanks for the input. I was thinking MTU simply due to the following facts:
1. When we place the modem in PPPoE mode, it defaults to a 1492 MTU (again for DSL) and traffic works normally (the ASA gets a DHCP addy from modem in this configuration).
However, if we put the modem into transparent bridge mode and configure the ASA for PPPoE we have the problems.
2. I thought of cabling and so far we have replaced RJ11 and CATV between circuit/modem and modem/ASA.
3. When in bridge mode if I do: ping google.com -f -l 1464 it works. Any higher and I get the following from the internal interface of the ASA. So I still am thinking it's the ASA and it seems related to the MTU (maybe a red herring, but packet size is an issue based on above tests). Thoughts/Ideas?
Reply from 10.8.19.8: Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
1. When we place the modem in PPPoE mode, it defaults to a 1492 MTU (again for DSL) and traffic works normally (the ASA gets a DHCP addy from modem in this configuration).
However, if we put the modem into transparent bridge mode and configure the ASA for PPPoE we have the problems.
2. I thought of cabling and so far we have replaced RJ11 and CATV between circuit/modem and modem/ASA.
3. When in bridge mode if I do: ping google.com -f -l 1464 it works. Any higher and I get the following from the internal interface of the ASA. So I still am thinking it's the ASA and it seems related to the MTU (maybe a red herring, but packet size is an issue based on above tests). Thoughts/Ideas?
Reply from 10.8.19.8: Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Cisco TAC provided solution.
Networking Hardware-Other
Networking hardware includes the physical devices facilitating the use of a computer network. Typically, networking hardware includes gateways, routers, network bridges, modems, wireless access points, networking cables, line drivers, switches, hubs, and repeaters. But it also includes hybrid network devices such as multilayer switches, protocol converters, bridge routers, proxy servers, firewalls, network address translators, multiplexers, network interface controllers, wireless network interface controllers, ISDN terminal adapters and other related hardware.
28K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
