Created on 04-01-2008 12:00 AM
Description | Some or all network interfaces appear to drop certain packets from specific applications, such as VMWare ESX clusters and Nortel Alteon application switches. The "MAC0 IP Error" counter for the network interface may also increment, which you can view using the following diagnostic CLI command: # diag hardware deviceinfo nic AMC-SW1\/1 This issue only affects Fortinet products with NP2 hardware accelerated network interfaces. |
Components |
|
Steps or Commands | This issue occurs when network applications produce frames not conforming to the IEEE 802.3 3.2.7 specification. According to that specification, if padding has been applied in an Ethernet frame, the length of the frame should be exactly 64 bytes, the minimum frame length for Ethernet. Frames that both are longer than the minimum frame length and contain padding are not conforming to the specification, and are therefore dropped by NP2 interfaces. Typically, you might observe this issue with TCP SYN or SYN-ACK signals, where frames require padding. UDP packets are generally not affected, as the packet is greater or equal to minimum frame length, and therefore does not require padding to meet the minimum frame length. Network applications/hardware known to produce non-conforming frames include:
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.