Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5537
Views
4
Helpful
3
Replies

traffic NFS over TCP Out-of-Order and DUP ACK passing through FWSM

Go to solution
Jorge Goya Perez
Level 1
Level 1

‎11-11-2010 02:46 AM - edited ‎03-11-2019 12:07 PM

Hi,

     I recently had problems with our Server Network and after capture network traffic I realized that there are a lot of bad TCP traffic from servers: TCP out-of-order, Dup ACK, Retransmission.

     I was suspecting of my FWSM and moved servers network behind the FWSM to the front. My susrprise was that the bad traffic dissapeared so it is related to FWSM behavior directly.

    I am running the last FWSM version 4.1(3) and usually the network works fine even with bad traffic but when the traffic increase the services go down.

   Someone could help me about this bad TCP traffic ?, I was looking about options as randomization but I don´t know if it is exactly what I need.

   The FWSM CPU is very idle (<10%) and is not dropping packets like I could see. The network trafiic sometimes could be up to 800Mbps from a client to a server with NFS over TCP.

                                                                                                                                         Best regards, Jorge Goya.

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Panos Kampanakis
Cisco Employee
Cisco Employee

‎11-11-2010 02:26 PM

Even though we haven't done full analysis on this., if the symptom is low performance and the FWSM is responsible for the Out of Order packets then try command "sysopt np-completion unit" on the FWSM and see if that helps.

I hope it does.

PK

View solution in original post

0 Helpful

Go to solution
Panos Kampanakis
Cisco Employee
Cisco Employee
In response to Jorge Goya Perez

‎11-12-2010 06:53 AM

The "sysopt np-completion unit"  does not fix saturation issues. It fixes Out of Order packets introduced by the FWSM that could slow down transfers and TCP traffic.

https://supportforums.cisco.com/docs/DOC-13066 explains how to see if your FWSM is oversubscribed, but that is irrelevant to OOO packets.

PK

View solution in original post

3 Replies 3

Go to solution
Panos Kampanakis
Cisco Employee
Cisco Employee

‎11-11-2010 02:26 PM

Even though we haven't done full analysis on this., if the symptom is low performance and the FWSM is responsible for the Out of Order packets then try command "sysopt np-completion unit" on the FWSM and see if that helps.

I hope it does.

PK

0 Helpful

Go to solution
Jorge Goya Perez
Level 1
Level 1
In response to Panos Kampanakis

‎11-12-2010 06:37 AM

Hi again,

      I don´t believe that FWSM is falling into saturation because now I have low traffic passing through and the captures shows some TCP bad traffic yet. Could you let me know a document to understand the counters when I use "sh np blocks" command ?

     There is additional commnads to check if the FWSM is saturated and due to this is dropping packets ?

                                                                                                                       Regards, Jorge.

0 Helpful

Go to solution
Panos Kampanakis
Cisco Employee
Cisco Employee
In response to Jorge Goya Perez

‎11-12-2010 06:53 AM

The "sysopt np-completion unit"  does not fix saturation issues. It fixes Out of Order packets introduced by the FWSM that could slow down transfers and TCP traffic.

https://supportforums.cisco.com/docs/DOC-13066 explains how to see if your FWSM is oversubscribed, but that is irrelevant to OOO packets.

PK

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card