jgrammer42
asked on
Sonicwall WAN port RX errors
I am seeing a very high number of "RX errors" on the X1 (WAN) port of my SonicWall NSA 3500. This is the port that plugs into a small switch that connects to my Comcast fiber Internet circuit.
I looked at the log and am seeing a lot of "IP Spoof" alerts there. Is that what is causing my "RX Error" counts to rise and if so, how do I stop that? (Or is that something I have to contact my ISP, (Comcast), about?)
If not what other causes could be resulting in this high number of "RX errors" being reported?
I am *NOT* a Sonicwall expert.
thank you,
Jeff
I looked at the log and am seeing a lot of "IP Spoof" alerts there. Is that what is causing my "RX Error" counts to rise and if so, how do I stop that? (Or is that something I have to contact my ISP, (Comcast), about?)
If not what other causes could be resulting in this high number of "RX errors" being reported?
I am *NOT* a Sonicwall expert.
thank you,
Jeff
ASKER
diverseit,
Sure. Please see the attached screen shot. I circled in red the issues I am seeing.
The complaint I am getting from endusers is slow internet. And they believe it is because of Sonicwall's content filtering. Which makes no sense. But this error seems like a very real culprit.
Thank you,
Jeff
Sure. Please see the attached screen shot. I circled in red the issues I am seeing.
The complaint I am getting from endusers is slow internet. And they believe it is because of Sonicwall's content filtering. Which makes no sense. But this error seems like a very real culprit.
Thank you,
Jeff
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
diverseit,
That is exactly what I suspecting, and if this had been a Cisco router or ASA, exactly what I would have done first.
But the Sonicwall is so new to me, that I wanted to verify that what I was seeing was what I suspected.
Thank you very much for the help,
Jeff
(I will close this ticket and assign points when I get the cable changed out this weekend and clear the counters...want to make sure that corrects things first.)
That is exactly what I suspecting, and if this had been a Cisco router or ASA, exactly what I would have done first.
But the Sonicwall is so new to me, that I wanted to verify that what I was seeing was what I suspected.
Thank you very much for the help,
Jeff
(I will close this ticket and assign points when I get the cable changed out this weekend and clear the counters...want to make sure that corrects things first.)
Sounds good! I'll be here.
I hear ya, learning new firewalls...are always interesting!
I hear ya, learning new firewalls...are always interesting!
So how'd it go?
ASKER
Hi diverseit,
I was just going to post when I saw you had done so.
Changing the cables has not made any difference. The current LAN switch is a Netgear switch. (Frankly, I think those are just garbage, and I am very suspect of it.) But I cannot change out the switch until I send them a replacement. The site having this issue is remote to where I am.
Any other thoughts, while I am arranging to have another switch sent to them?
Thank you,
Jeff
I was just going to post when I saw you had done so.
Changing the cables has not made any difference. The current LAN switch is a Netgear switch. (Frankly, I think those are just garbage, and I am very suspect of it.) But I cannot change out the switch until I send them a replacement. The site having this issue is remote to where I am.
Any other thoughts, while I am arranging to have another switch sent to them?
Thank you,
Jeff
Frankly, I think those are just garbage, and I am very suspect of it.Especially unmanaged residential Linksys/Cisco switches. Cheap inexpensive switches will do it every time. I have solved many similar issues especially when they are unmanaged switches...one port goes bad and starts a plethora of issues.
It's most likely going to be either cables or ports. Since you replaced the cables its pointing toward ports now, but I'd test the cables regardless for good measure...sometimes the terminations loosen at the heads. And typically there is one port on the switch that is faulty so until you get the other gear try testing other ports (if you have the availability too).
How's it going?
ASKER
diverseit,
I have not been able to change out the Netgear switch for a Cisco 2950 switch I had that I know was in very good working condition to verify if it was that Netgear or not. However, I am pretty convinced that this is absolutely a LAN issue.
One quick question: (Now I have NEVER seen this before, and cannot imagine it is happening, but I want to ask anyway.)
Is there a chance that the ethernet port of the Sonicwall itself is causing "receive" errors?
Again, I have NEVER seen a situation where an ethernet port was bad and was exhibiting problems through "received" packets...."transmitting" yes..."receiving"? I have never seen that. but I just want to ask if you, (or anyone else), has ever heard of that.
thank you again,
jeff
I have not been able to change out the Netgear switch for a Cisco 2950 switch I had that I know was in very good working condition to verify if it was that Netgear or not. However, I am pretty convinced that this is absolutely a LAN issue.
One quick question: (Now I have NEVER seen this before, and cannot imagine it is happening, but I want to ask anyway.)
Is there a chance that the ethernet port of the Sonicwall itself is causing "receive" errors?
Again, I have NEVER seen a situation where an ethernet port was bad and was exhibiting problems through "received" packets...."transmitting" yes..."receiving"? I have never seen that. but I just want to ask if you, (or anyone else), has ever heard of that.
thank you again,
jeff
No you'd see transmitting errors if that were the case on the upstream flow.
Most of the time people tend to view received errors on a unit and then troubleshoot it from there not checking the other devices to see if there are transmitting errors on the corresponding side. This can only be done, obviously, if the other device has the capability of reporting a transmitting error.
I'd continue to isolate as much as you can. Changing only one thing at a time then testing to isolate the variables. If you have a cable tester check integrity, switch Ethernet cables, test ports if you have a port integrity tester otherwise change ports to test between good/bad.
Keep me posted.
Most of the time people tend to view received errors on a unit and then troubleshoot it from there not checking the other devices to see if there are transmitting errors on the corresponding side. This can only be done, obviously, if the other device has the capability of reporting a transmitting error.
I'd continue to isolate as much as you can. Changing only one thing at a time then testing to isolate the variables. If you have a cable tester check integrity, switch Ethernet cables, test ports if you have a port integrity tester otherwise change ports to test between good/bad.
Keep me posted.
ASKER
diverseit,
I certainly will keep you posted. I do not want to let this question languish too long, but I would like to keep it going as a thread for a few more days. Then I will close it and award you the points. My apologies for taking so long with this.
Thank you for all of your help,
Jeff
I certainly will keep you posted. I do not want to let this question languish too long, but I would like to keep it going as a thread for a few more days. Then I will close it and award you the points. My apologies for taking so long with this.
Thank you for all of your help,
Jeff
My pleasure!
Sure, sounds good!
Sure, sounds good!
Any update on this?
ASKER
divverseit,
Thank you VERY much for your help and patience. I have not been able to get the client to let me change out the switch just yet, but I am going to go ahead and close this question, and assign points now. If I have any other questions, I will open a new one.
Thank you very much again!
Thank you VERY much for your help and patience. I have not been able to get the client to let me change out the switch just yet, but I am going to go ahead and close this question, and assign points now. If I have any other questions, I will open a new one.
Thank you very much again!
What do you mean "RX errors" can you provide the log incident of this or a screenshot?
What is going on outside of the logs? Are transmissions failing inbound?