ICMP SIZE

  • 0
  • 1
  • Problem
  • Updated 2 years ago
  • Solved
I Have many hosts on switch x460, and L3 interfaces, but no ping with packet size > 500 bytes, No ping interface and no ping between hosts
Photo of Luis Mendes

Luis Mendes

  • 1,690 Points 1k badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Stephen Elliott

Stephen Elliott

  • 1,242 Points 1k badge 2x thumb
sounds like an MTU issue - "show ipconfig <vlan_name>" - the default is 1500.
Photo of Luis Mendes

Luis Mendes

  • 1,690 Points 1k badge 2x thumb
Router Interface on ADM is enabled and up.    inet 192.168.115.254/22   broadcast 192.168.115.255  Mtu 1500
 
I have 2 scenarios, with routing and L2-only, in both i have the same problem

ping with size 504 is maximum, between hosts or ping on interface of switch
Photo of Erik Auerswald

Erik Auerswald, Embassador

  • 13,458 Points 10k badge 2x thumb
Hello Luis,

a packet size of 500B is well inside the typical Ethernet frame data size (64B to 1500B). That should just work.

Did you check the GTAC Knowledge article How to enable inter-VLAN routing in EXOS? One important step is to enable ipforwarding after configuring the IP addresses.

You might want to verify that auto-negotiation is working:
show ports configuration no-refresh
Speed and duplex settings of switch and hosts need to match. Auto-negotiation is usually working fine, thus you should verify that all switch ports and hosts use it.

If you want to use IP packets larger than 1500B, then you need to enable Jumbo Frames on the switch, and configure an appropriate MTU on the IP interfaces:
enable jumbo-frame ports all
configure ip-mtu SIZE vlan VLANNAME
Best regards,
Erik
Photo of Luis Mendes

Luis Mendes

  • 1,690 Points 1k badge 2x thumb
I understand if i enable the jumbo frame the capacity of packet is increased to  9k, but i don ́t have jumbo enabled on any other device or others switchs, if i had the same test with other switch (customer have hp), the PING works with 1024 and others size > 504 bytes.

 I disable dos-protect. but the same .

Slot-1 ScDC1-Sw01.4 # show ports packet no-refreshPort Packet Statistics
Port      Link                         Packet Sizes
          State   0-64    65-127   128-255   256-511  512-1023 1024-1518   Jumbo
================================================================================
1:1       A 131308926   5716712   1192163    242340    409319  80876787        0
1:2       A 131310283  20250721   1192828    240568    405308  80878840        0


The packets > 504 bytes are passing, but why ping not???

Slot-1 ScDC1-Sw01.6 # show ports 1:1,1:2 informationPort      Flags               Link      ELSM Link Num  Num   Num Jumbo QOS     Load
                              State     /OAM  UPS STP VLAN Proto  Size profile Master
=====================================================================================
1:1       Em------e--fMB---x- active    - / -   1   1    1     1  1523 none
1:2       Em------e--fMB---x- active    - / -   1   1    1     1  1523 none
Photo of Stephen Elliott

Stephen Elliott

  • 1,242 Points 1k badge 2x thumb

"show ip-security anomaly" seems to default to a max payload of 512 bytes but is disabled by default?!

try a "disable ip-security anomaly-protection icmp" to see if that makes any difference?


(Edited)
Photo of Luis Mendes

Luis Mendes

  • 1,690 Points 1k badge 2x thumb
Thanks..  Works disable ip-security anomaly ping