Questo sito utilizza cookie di profilazione (propri e di terze parti) per ottimizzare la tua esperienza online e per inviarti pubblicità in linea con le tue preferenze. Continuando a utilizzare questo sito senza modificare le tue preferenze acconsenti all’uso dei cookie. Se vuoi saperne di più o negare il consenso a tutti o ad alcuni cookie clicca qui>
The website that you are visiting also provides Arabian language. Do you wish to switch language version?
يوفر موقع الويب الذي تزوره المحتوى باللغة العربية أيضًا. هل ترغب في تبديل إصدار اللغة؟
The website that you are visiting also provides Russia language Do you wish to switch language version?
Данный сайт есть в английской версии. Желаете ли Вы перейти на английскую версию?
The login to server 1 is slow when the network management software on the PC is used for the login. The login lasts one or two minutes. After the login, the query is also slow. However, when the same client PC is used to access server 2, the login speed is normal. When another PC on the same network segment as the previous PC is used to access server 1, no problem occurs.
When another PC on the same network segment as the previous PC is used to access server 1, no problem occurs. This phenomenon indicates that server 1 functions properly. When the same PC is used to access server 2, no problem occurs. This phenomenon indicates that the PC functions properly as well. Then the problem might be occurred on the link. Capture packets on the PC. The packet statistics are as follows:
The captured packets contain a fragment which is the first slice of a packet. Usually a fragmented packet contains several slices, but there is only one. This phenomenon indicates that follow-up fragments are discarded. In most cases, TCP packets are not fragmented, because in TCP three-way handshake, an MSS value is negotiated to determine the size of follow-up TCP data packets. The MSS vale can be adjusted by intermediate devices. If the MTU value of an interface on the device that sends SYN or SYN-ACK packets is smaller than MSS+40, the device changes the MSS value for the SYN or SYN-ACK packets to prevent fragmentation of follow-up packets. The captured packets contain a fragment, which indicates that a device on the network can fragment packets but cannot change the MSS value. This might be the cause.
After confirmation, an interface on an intermediate Cisco router has set an MTU value. Display the SYN and SYN-ACK packets among all captured packets. All MSS values are 1460. This indicates that the Cisco router does not adjust the MSS value.
The USG can use the firewall tcp-mss xxx command to change the MSS value for the forwarded SYN or SYN-ACK packets. Therefore, run the firewall tcp-mss 1400 command on the USG and conduct the login test again. The login speed is normal.
A Cisco router on the network sets an MTU value, but the router cannot change the MSS value for transmitted SYN or SYN-ACK packets. Therefore, TCP packets are fragmented, and follow-up fragments are discarded, which causes improper NMS server login.