I have a small LAN utilizing a T1 line from One Communications. Static IP address.
30 workstations. Windows 2003 DHCP server.
Installed new RV-120W firewall router last week replacing an old Netgear unit.
Setup VPN tunnel on unit, have remote access in for about 10 users.
That part works good. A tad slow, but acceptable.
My Issue: internet connectivity on internal LAN is in and out. It is extrememly choppy.
Download and Upload speeds have been consistent (~2.5M/sec)
External Pings show very minimal loss if any.
Users have seem intermitant loss of web streams and corrupt downloads. 90% web activity is ok, but then we keep getting "cannot display webpage error".
NSLOOKUP will show DNS, but occasssionally "TIMEOUT" occurs.
I had provider perform loop-back tests and replace WIC on CISCO T1 1841 Router, but I am still seeing the behavior.
In reading other forms, I am seeing this is a continuous issue with the RV routers.
Static IP / DNS on Router.
MTU set back at 1500. I have adjusted it down incrementally to 1350.
Windows 2003 Server has RV120W address as router / gateway.
T1 to CISCO 1841 ROUTER... to CISCO RV120W...to LAN via (2) CISCO SLM248G Switches.
I did not setup any port forwards.
I am continuing Line tests on my end, but like I said this issue was not existent with Netgear unit.
Please advise with any setting changes / suggestions.
Solved! Go to Solution.
Hello. First of all let me apologize for any inconvenience we may have caused you. Would you please provide the case number that you were provided by the SBSC support team? We want to look deeper into your issue and I would like to talk to you more about this issue. Please provide your case number, from there I will obtain your contact information. I will be reaching out to you so we can get to the bottom of this issue.
Case # 615205271.
Just as an update, I have tried reconfiguring my DNS settings yet again, pointing DNS to both ISP servers and open-dns servers.
Connection has been more stable this week, but still not perfect. Thankfully most file downloads and emails have not been corrupted. We had a few large projects due this week and I would have been out the door if this issue affected any of our projects.
I still am seeing web page errors across my network. The errors occur mostly when my network if at peak load (max bandwidth).
Again, if I plug my netgear firewall in all issues cease.
Any help would be appreciated.
maybe I am not crazy...
A recent issue has come to light with some RV120W’s, where the CPU utilization will spike and router performance will suffer. I believe this may be the issue we are seeing in your case. Please let me know if you are seeing any processor spikes (90-100%) when your network issues are ongoing, and we can escalate your case if needed.
Cisco Engineering asked me to changed a firewall setting.. .UDP FLOOD
"under Firewall-Basic Setting, there is an option for Block UDP Flood, if the box is checked please un-check"
I am trying the setting change now. Give it a try and let us know if you see any improvement.
I made the change an hour ago. No negative results as of yet.
I am seeing the 100% CPU usage figure on the System Summary page.
I un-checked the Block UPD Flood option and it has made no difference.
Still receiving constant "cannot display page" errors with only ONE USER using the router.
Give me an idea of your setup... I'll see if I can help you.
You said you are using the RV120W as your home router?
One computer only?
Hard wired or Wifi?
Cable or DSL connection?
DHCP enabled on router?
WAN setup on the router:
IP and DNS autoconfiged or assigned?
From a command prompt on computer, do an ipconfig /all and check out your settings:
Is the router address set as your gateway?
Is your DNS showing properly?
Made a change to Firewall settings late yesterday. Turned off "Block UDP Flood".
So far I see positive results:
VPN tunnels had much better performance last night. Painting and refreshing was much better. No disconnections.
This morning, LAN seems stable.
Simple tests from my machine show the following:
DNS lookup / tracert commands all successful. No time outs.
Pings have been stable. Very minor lost packets. Much better
Speed test all stable. Latency consistant.
A primitive test (opening 20 browser windows) work perfectly. Not one error. Previously I would have 20% error rate ("page not found").
Have 2 tunnels now into LAN and no performance loss.
Streaming on all computers has been stable this morning. No stutters or loss of data stream yet.
Fingers are crossed.
Hi Jason et al..
i believe the technician are now aware of a UDP issue on the Rv120W.
The internal discussions on the issue from R&D and development seems to be;
1. By default on RV120W there is a UDP Flood attack check which limits 25 UDP Connections Per Client in one instance, i.e at a particular time instance a PC behind this router can establish only 25 UDP Transactions, if we exceed router drops UDP Packets.
2. We have a script that sends dns lookup queries at a very high rate than the router clears the UDP entries, this way we build up the UDP entry table in the router(i.e 25 entries)
3. Once 25 limit is reached we are unable to resolve further DNS queries, using the script or using the browser.
4. In the real world scenarios there might be one PC behind the router and open a website where all the items on the webpage are linked to different website, if you open this kind of website it may have links to more that 25 different website and clog the routers UDP table for that particular PC and user might not be able to resolve further DNS queries and unable to browse any new websites. This unability to browse happens until the UDP entries on the router time outs and are cleared.
5. This limit of 25 is because of the feature called Block UDP flood on the router which is enabled by default.
6. Once we disable the block UDP Flood, router does not check for 25 UDP Connections limit and dns resolution is continuous without a break.
This is what a customers in the field might be seeing interruptions in DNS resolutions and website browse failed.
Some customers explicitly talked about DNS failures.
Jason I can see you have placed a service call, so hopefully CCORAL who posted on the 15 August should be helping you.
So Folks, If the Technician deem the problem not a hardware issue requiring RMA, the technician will escalate the call to our Level 2 folks in Irvine, probably CCORAL. You will get assistance to resolve this issue.
The Small Business Support center, should be aware of the problem. Please feel free to show them this posting, i am willing to chat with them to get the ball rolling.
So again, if you have not done so already, please contact the SBSC and place a service request and keep a copy of that number they give you as a reference (you may need it). My appologies for the inconvenience you have all had.
Small Business, Channel Systems Engineer
Cisco - Research Triangle Park. USA
We just put in an RV120W and had to turn of the UDP flood to get it to work halfway properly.
We are still seeing 100% cpu - is there a fix on the way to help reduce cpu utilization?
6mb PPPOE DSL, about 10 hosts behind it, and using wireless
Thank you for the response. Your explaination makes perfect sense. It is exactly what we were seeing across our network with the page errors.
So far this morning, turning off UDP Flood seems to have eliminated the page / content errors we were seeing.
I have another issue that I would like to bring up, and this one needs your immediate attention. I am still seeing corrupt file downloads through both email attachments and file downloads. Again, its an intermitent issue. Files are downloaded, file sizes are correct. No download errors are reported. When an attempt is made to open the file, file is deemed corrupted and will not open. We are seeing this primarily with Adobe and CAD files (but not limited to), and it seems to occur most often when a file is over 100kb in size.
First thought is an MTU issue or maybe the IP packet header is not reading correctly?
I will begin another thread on this issue.
FIXED for me. I turned off UDP flood and is working fine now. Sorry that 2 days ago I incorrectly turned off the TCP instead of UDP.
Test scenario: Goto Google News page, quickly click on 10 random news links and open them in a new browser tab. All the pages should display. When doing this before the change, half the pages would not display.