Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 22106 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

invalid traffic.

john_kenny

I have a client trailing xg but its dropping so much traffic there net is unusable.  If i cant sort it thats a missed opportunity.

What causes invalid traffic?

Ive not had this much issue with other clients.

 

JK



This thread was automatically locked due to age.
  • 0

    Hi,

    please provide some data about what is actually being dropped?

    Also please provide some screen shots of the rules in detail.

    Ian

  • 0 in reply to rfcat_vk

    OK so its XG 16.5 MR6,

    im seeing lots of invalid traffic on rule 0 being dropped and im assuming thats the cause of there unusable internet.

     

    Ive had to power it down now as its unusable but ive not set the rule any different to other clients.

     

    LAN any - WAN any - any service

    Ive turned off IPS filtering and scanning to make sure its not that but its still the same with all that off.

     

    The VM is connecting to a fibre modem via VMware vswith and physical port and the INT is using DHCP to pick up the address from the isp.

     

    As i say ive installed XG at other clients and not had this much issue, its so bad there SIP phones drop every 1min.

     

    Resource usage is ok CPU no more than 20% & RAM 50%, its a 4core 6gb VM

    any ideas?

  • 0

    Hi John,

    There are various reasons causing "invalid traffic", this could be an IP Packet with invalid header or Bad ICMP checksum, etc. The good news is we have the message body populated with the "reason" in v17's Log Viewer. Stay tuned.

    Thanks

  • 0 in reply to sachingurung

    sachingurung said:

    Hi John,

    The good news is we have the message body populated with the reason in v17's Log Viewer. Stay tuned.

    Thanks

    Sorry Sachin, but this Sales-guy-style Answer is not really helpful for him.
     
     
  • 0 in reply to HuberChristian

    Sort of helps, anyway it doesnt look like an issue with XG now we took it out and put the old router back and its still dropping the net all the time.

    Ran a wireshark capture and it shows lots of DUP ACK requests and bad checksum traffic, seems there is an issue elsewhere but i just cant find the issue.  The switches are only semi managed & unmanaged with an uplink between the 2.  The semi managed has all its features off like STP & multicast snooping.  but somewhere the traffic is getting corrupted.

    I know its not XG related but anyone got any ideas which may help point me in the right direction?

    Thanks

    JK

  • 0 in reply to john_kenny

    Hi,

    this might seem silly, but check all the cables are clicked home on all devices. Remove one switch and see if that isolates the issue.

     

    Ian

  • 0 in reply to HuberChristian

    Hi Huber,

    There is feature enhancement in v17, which will show you the reason why the traffic is classified as invalid traffic by XG. At present this is not populated in the message field or in the drop-captures and as I stated the issue was related to Bad Checksum value. I will take your point into consideration but the potential solution comes with v17. I may sound like a Sales executive in my previous response and thank you, I'll try to improve it. 

    Thanks