Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 16 replies
  • Answers 1 answer
  • Subscribers 39 subscribers
  • Views 3117 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

packet loss

nayah

Hey, everybody,

hey there. It’s already been 2 months that we are facing a problem that we cannot find the source until now with sophos XG. Our concern is that we have a lot of packet loss at the XG appliance level. We checked, but it’s not a network layer issue or anything else.

here is a result extract of the drop-packet-capture command

2021-06-15 08:42:54 0103021 IP 51.15.159.151.5060 > 41.204.124.142.64048 : proto UDP: packet len: 648 checksum : 61834
0x0000: 4500 029c 8cd1 0000 3411 7e7f 330f 9f97 E.......4.~.3...
0x0010: 29cc 7c8e 13c4 fa30 0288 f18a 4f50 5449 ).|....0....OPTI
0x0020: 4f4e 5320 7369 703a 6363 3132 3940 3431 ONS.sip:cc129@41
0x0030: 2e32 3034 2e31 3234 2e31 3432 3a36 3430 .204.124.142:640
0x0040: 3438 3b74 7261 6e73 706f 7274 3d55 4450 48;transport=UDP
Date=2021-06-15 Time=08:42:54 log_id=0103021 log_type=Firewall log_component=Local_ACLs log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port3 o
ut_dev= inzone_id=2 outzone_id=4 source_mac=ac:f2:c5:88:09:62 dest_mac=c8:4f:86:09:33:c4 bridge_name= l3_protocol=IPv4 source_ip=51.15.159.151 dest_ip=41.204.124.142 l4
_protocol=UDP source_port=5060 dest_port=64048 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuse
r_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0
inmark=0x8002 nfqueue=0 gateway_offset=0 connid=1408073216 masterid=0 status=256 state=0, flag0=549757911040 flags1=17179869184 pbdid_dir0=0 pbrid_dir1=0

2021-06-15 08:42:54 0103021 IP 51.15.159.151.5060 > 41.204.124.142.53110 : proto UDP: packet len: 565 checksum : 29694
0x0000: 4500 0249 8cd4 0000 3411 7ecf 330f 9f97 E..I....4.~.3...
0x0010: 29cc 7c8e 13c4 cf76 0235 73fe 5349 502f ).|....v.5s.SIP/
0x0020: 322e 3020 3430 3120 556e 6175 7468 6f72 2.0.401.Unauthor
0x0030: 697a 6564 0d0a 5669 613a 2053 4950 2f32 ized..Via:.SIP/2
0x0040: 2e30 2f55 4450 2034 312e 3230 342e 3132 .0/UDP.41.204.12
Date=2021-06-15 Time=08:42:54 log_id=0103021 log_type=Firewall log_component=Local_ACLs log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port3 out_dev= inzone_id=2 outzone_id=4 source_mac=ac:f2:c5:88:09:62 dest_mac=c8:4f:86:09:33:c4 bridge_name= l3_protocol=IPv4 source_ip=51.15.159.151 dest_ip=41.204.124.142 l4_protocol=UDP source_port=5060 dest_port=53110 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x8002 nfqueue=0 gateway_offset=0 connid=1408073216 masterid=0 status=256 state=0, flag0=549757911040 flags1=17179869184 pbdid_dir0=0 pbrid_dir1=0

2021-06-15 08:42:54 0103021 IP 51.15.159.151.5060 > 41.204.124.142.64310 : proto UDP: packet len: 565 checksum : 33241
0x0000: 4500 0249 8cd5 0000 3411 7ece 330f 9f97 E..I....4.~.3...
0x0010: 29cc 7c8e 13c4 fb36 0235 81d9 5349 502f ).|....6.5..SIP/
0x0020: 322e 3020 3430 3120 556e 6175 7468 6f72 2.0.401.Unauthor
0x0030: 697a 6564 0d0a 5669 613a 2053 4950 2f32 ized..Via:.SIP/2
0x0040: 2e30 2f55 4450 2034 312e 3230 342e 3132 .0/UDP.41.204.12
Date=2021-06-15 Time=08:42:54 log_id=0103021 log_type=Firewall log_component=Local_ACLs log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port3 out_dev= inzone_id=2 outzone_id=4 source_mac=ac:f2:c5:88:09:62 dest_mac=c8:4f:86:09:33:c4 bridge_name= l3_protocol=IPv4 source_ip=51.15.159.151 dest_ip=41.204.124.142 l4_protocol=UDP source_port=5060 dest_port=64310 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x8002 nfqueue=0 gateway_offset=0 connid=1408073216 masterid=0 status=256 state=0, flag0=549757911040 flags1=17179869184 pbdid_dir0=0 pbrid_dir1=0



This thread was automatically locked due to age.
Unfiltered HTML