05-12-2024 10:30 AM - edited 05-12-2024 10:31 AM
Sometimes I see packet loss when pinging from a cisco switch but not from a windows machine connected to the same segment (right behind that L3 switch) pinging the same destination. Any reasons why this could happen?
Frin Windows
05-12-2024 11:06 AM
It it CML then it normal if it gns3 you need to check along the path to destiantion.
MHM
05-12-2024 12:27 PM
THis is not a virtual environment.
05-12-2024 12:30 PM
Share
Show policy-map control-plane
MHM
05-12-2024 01:03 PM
It shows nothing
05-12-2024 11:18 AM
what switch model and IOS code running on it ?
does the switch have SVI for VLAN, are you tried using sourcing the same SVI Interface ?
does the switch have any QOS and COPP ?
you can disclose the IP its RFC 1918 address so we can understand end IP you pinging ?
what is widows device IP ? and Switch IP ?
05-12-2024 12:55 PM - edited 05-12-2024 12:57 PM
Let me give you the full backstory. We're troubleshooting an ipsec tunnel were we see some packets are not arriving in wireshark. Some servers in Site2 are not able to connect to vCenter anymore after the tunnel was created. We've double check the policies and objects and it looks fine however we suspect some issues with the ISP.
<Windows-S1> --<L3-S1>--<FW-LAN-S1>------------Internet--------------<FW-LAN-S2>--<L3-S2>
x.173 x.250 x.235 y.235 y.232
Site 1 is using vlan x - 192.168.x.0/24
Site 2 is using vlan y - 192.168.y.0/24
Windows-S1 is 192.168.x.173
L3-S1 is 192.168.x.250
Firewall-S1 is 192.168.x.235
L3-S2 is 192.168.y.232
Firewall-S2 is 192.168.y.235
I see the dropped packets on the cisco switch L3-S1 (192.168.x.235) when I ping to the LAN interface of Firewall-S2 (192.168.y.235)
However I'm not seeing Windows dropping packets when I ping from Windows-S1 (192.168.x.173) to the firewall in site 2 it's LAN ip address (192.168.y.235)
I see the dropped packets in reverse direction when I ping from the L3-S2 (192.168.y.232) to the lan interface of the firewall in site 1 it's LAN ip address (192.168.x.235)
Everything else behind the L3 switches in either site pings fine.
THe switches are older but worked fine before the tunnel was created
Model: WS-C3750G-24TS-1U
Version: 12.2(55)SE5
05-14-2024 08:32 PM - edited 05-14-2024 08:32 PM
The problem is now resolved and I'm not seeing any packet drops anymore. I'd still like to know why Windows sometimes isn't showing any dropped packets. I've seen it before too. Is a Windows ping (packet size?) any different from a ping on a cisco device?
05-15-2024 04:56 AM
I can following you'
Now can you clarify
you face drop in ipsec ?
SW still show some drop?
MHM
05-15-2024 07:34 AM
The network objects were not matching on the firewalls causing packets to drop. Once that was fixed I no longer saw packet loss on the switch.
I'm just trying to understand why windows was not showing any packet loss but the cisco switch did.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide