IP SLA packet length

Similar Messages

• Packet length mismatch 14336,56 on x2100 after patch 118855-19

  I'm new to solaris, and I don't currently have a solaris support contract.
  After installing solaris 10 6/06 onto my shiny new x2100 (base model) and installing the latest available patches (as of this posting), I started seeing the following message repeated every few seconds in the system log:
  ip: [ID 498608 kern.notice] Packet length mismatch: 14336, 56
  Backing out 118855-19 causes the message to stop appearing.
  Other than this message, I don't believe I have encountered any actual problems (yet).
  Any suggestions on whether I should:
  - continue to ignore this message;
  - back out the patch;
  - post this in another forum;
  - try to investigate?
  Update:
  The following messages have also appeared in the system log during shutdown:
  ip: [ID 646971 kern.notice] ip_create_dl: hw addr length = 0
  ip: [ID 200596 kern.error] bge0: <unknown primitive> failed: DL_UNSUPPORTED
  Message was edited by:
  Mike_Watters

  Hi!
  I have this patch installed, but I haven't this problem (I use IPv4).
  $ uname -srvmpi
  SunOS 5.10 Generic_118855-19 i86pc i386 i86pc
  1) Check that all recommended patches was applied.
  2) It seems to me, that one of your application uses raw socket interface
  (IP_HDRINCL, see /usr/include/netinet/in.h, ip(7p), ip6(7p), icmp6(7p)), and
  length field (ip_len, see /usr/include/netinet/ip.h) in raw packet from
  application supplied in wrong byte sequence (application was design for big
  endian computer).
  Usually kernel drops that kind of packets silently. May be new ip driver
  (/kernel/drv/ip.conf), which includes in this patch starts to work in verbose
  mode...
  Try to find this application by stopping applications one by one.

• Packet Length errors

  We are getting frequent partition crashes in various service objects with
  this type of exception:
  FATAL ERROR: Packet length extracted from data is illegal (0x6d70).
  Class: qqsp_ImplementationException
  Error #: [501, 93]
  Detected at: qqcm_FortePacket::ReadHeader at 1
  Error Time: Tue May 22 17:43:54
  Exception occurred (locally) on partition "a_service_server_cl0_Part9",
  (partitionId = C83527E0-0DB4-11D5-B381-ED2750E6AA77:0x69ba, taskId =
  [C83527E0-0DB4-11D5-B381-ED2750E6AA77:0x69ba.5]) in application
  "a_service_server_cl0", pid 4091 on node tronsha4 in environment
  mdlprime.
  We are running Forte 3.0.M.6, compiled, on Solaris 2.6 with the most recent
  patches. I haven't found anything on this in the tech notes or the
  forte-users archive. I would suspect some port scanner activity, but this
  system is not attached to the public network, so I don't think that is
  possible.
  Any information would be greatly appreciated.
  Thanks,
  Mike Lapeyre
  EDS bluesphere

  Do you have any docs or infos with "mib" oder something i should check is the ap is a good condition. i have the problem that sometimes some aps "die" -> i have to reboot them, the problem is that i have to drive to them, they are not in my office.
  hope you can help me
  bernhard

• Invalid Packet Length?

  Hi,
  We have a SessionBean that is being called very often. Whenever
  the SB method is called, we do a select from dual to access a
  sequence.
  After a while, we start getting a SQLException (see below for
  stacktrace) with "Invalid Packet Length" message.
  The first exception is on the PreparedStatement.close() and the
  following exception are in the Connection.prepareStatement()
  method.
  Does anybody have an idea of the cause of the problem?
  java.sql.SQLException: Io exception: Invalid Packet Lenght
  at oracle.jdbc.dbaccess.DBError.throwSqlException
  (DBError.java:168)
  at oracle.jdbc.dbaccess.DBError.throwSqlException
  (DBError.java:210)
  at oracle.jdbc.dbaccess.DBError.throwSqlException
  (DBError.java:323)
  at oracle.jdbc.driver.OracleStatement.close
  (OracleStatement.java:604)
  at oracle.jdbc.driver.OraclePreparedStatement.privateClose
  (OraclePreparedStatement.java:290)
  at oracle.jdbc.driver.OraclePreparedStatement.close
  (OraclePreparedStatement.java:235)
  at
  itc.epc.components.docManager.SBDocManagerBean.getUniqueKey
  (SBDocManagerBean.java:2048)
  at
  itc.epc.components.docManager.SBDocManagerBean.createDocument
  (SBDocManagerBean.java:156)
  at
  itc.epc.components.docManager.SBDocManagerBean.createDocument
  (SBDocManagerBean.java:101)
  at
  itc.epc.components.docManager.SBDocManagerBean.createDocument
  (SBDocManagerBean.java:251)
  at
  com.sssw.gen.ejb.EJB_DocManagerDeployed.itc.epc.components.docMan
  ager.SBDocManagerObject.createDocument
  (SBDocManagerObject.java:487)
  at
  com.sssw.gen.ejb.EJB_DocManagerDeployed.itc.epc.components.docMan
  ager.SBDocManagerObjectPOATie.createDocument
  (SBDocManagerObjectPOATie.java:1038)
  at
  itc.epc.components.docManager._SBDocManager_Stub.createDocument
  (_SBDocManager_Stub.java:2660)
  at itc.fs_model.parser.ModelBuilder.storeReferenceFileInfo
  (ModelBuilder.java:827)
  at
  itc.fs_model.parser.ModelBuilderCreateMode.createReferenceFile
  (ModelBuilderCreateMode.java:295)
  at itc.common.xmlparser.XMLParser.exportReferenceFile
  (XMLParser.java:467)
  at itc.common.xmlparser.XMLParser.exportOneScenario
  (XMLParser.java:319)
  at itc.common.xmlparser.XMLParser.exportScenarios
  (XMLParser.java:242)
  at itc.common.xmlparser.XMLParser.traverseTree
  (XMLParser.java:210)
  at itc.common.xmlparser.XMLParser.parseFile
  (XMLParser.java:135)
  at itc.fs_model.parser.ModelBuilder.start
  (ModelBuilder.java:628)
  at itc.fs_model.parser.ModelBuilderCreateMode.start
  (ModelBuilderCreateMode.java:351)
  at
  itc.epc.components.docManager.SBDocManagerBean.createScenario
  (SBDocManagerBean.java:1547)
  at
  com.sssw.gen.ejb.EJB_DocManagerDeployed.itc.epc.components.docMan
  ager.SBDocManagerObject.createScenario
  (SBDocManagerObject.java:718)
  at
  com.sssw.gen.ejb.EJB_DocManagerDeployed.itc.epc.components.docMan
  ager.SBDocManagerObjectPOATie.createScenario
  (SBDocManagerObjectPOATie.java:968)
  at
  itc.epc.components.docManager._SBDocManager_Stub.createScenario
  (_SBDocManager_Stub.java:1845)
  at com.interfacing.epc.ui.admin.UploadModelAction.perform
  (UploadModelAction.java:167)
  at
  org.apache.struts.action.ActionServlet.processActionPerform
  (ActionServlet.java:1787)
  at org.apache.struts.action.ActionServlet.process
  (ActionServlet.java:1586)
  at org.apache.struts.action.ActionServlet.doPost
  (ActionServlet.java:510)
  at javax.servlet.http.HttpServlet.service
  (HttpServlet.java:760)
  at javax.servlet.http.HttpServlet.service
  (HttpServlet.java:853)
  at com.sssw.srv.resources.AgWarResource.doServletDispatch
  (AgWarResource.java:796)
  at com.sssw.srv.resources.AgWarResource.service
  (AgWarResource.java:572)
  at com.sssw.srv.resources.AgWarURLResource.perform
  (AgWarURLResource.java:114)
  at com.sssw.srv.http.httpd.perform(httpd.java:4560)
  at com.sssw.srv.http.Client.processRequest(Client.java:883)
  at com.sssw.srv.http.Client.loop(Client.java:1217)
  at com.sssw.srv.http.Client.runConnection(Client.java:1421)
  at com.sssw.srv.http.Client.run(Client.java:1381)
  at java.lang.Thread.run(Thread.java:484)

  Hi,
  your router will drop the over sized packet if the DF flag is set.  However, it will return a message to the originating device showing packet oversize.
  You can try setting the router logging to debug and verbose.  This should return the originating IP.  One other thing that you can do is take a close look at any devices  that you have setup.
  Additionally, you can try changing the MTU on the router but this could result in performance 
  degradation.  Alternatively, if you can identify the originating device, you can try changing
   the MTU there as well.
  HTH 
  Houtan

• SSH Disconnecting: Bad packet length

  If I log into my new Xserves (running 10.4.4) using an invalid username, after I submit a password, ssh will hang for a long time then report:
  Disconnecting: Bad packet length xxxxxx
  My older Xserves (running 10.2 and 10.3) don't have this problem, they will just say "Permission denied, please try again" and prompt for the password again. eventually they'll disconnect you, but not with an error.
  Has Apple supplied a new version of SSH in 10.4 that is broken in some way?
  I have noticed this on both OS X server, and the desktop version (All at 10.4.4)
  This doesn't seem to be a problem if you use a valid login, only when you use an invalid userid.
  Any one else run into this? Any idea how to make ssh behave?
  thanks
  -jason

  In this case I was attempting to connect via my laptop (a powerbook) that was connected to the servers via a gigabit switch (the only intervening piece of equipment). Needless to say, these are about the most reliable connections you could expect to have.
  However, I've seen this behavior, when connecting to:
  2 different Xserves running 10.4.4 Server
  1 DualG5 powermac running 10.4.4 and
  1 Powerbook also running 10.4.4
  However when connecting to 10.2.x or 10.3.x servers, I receive the Permission denied response as one would expect.
  I just had an epiphany ....
  While attempting to disable password authentication on the 2 xserves altogether, I had to set not only "PasswordAuthentication no", but also "UsePAM no".
  So, perhaps the problem is that UsePAM is set to yes by default....
  I just attempted to log in to my workstation (10.4.4 with an unmodified sshd_config file) using a bogus username and I received:
  "Disconnecting: Bad packet length 4185019582" after an extended delay
  Then I changed the config file to set "UsePAM no" and tried the login again. this time I received:
  "Permission denied, please try again." almost immediately
  So, It appears that the default configuration that has PAM enabled for sshd is the problem here.
  Thanks for having me revisit this after sitting on it for a couple of days. It led me to the solution.
  -jason

• Invalid packet length error in logs

  For over a week now I’ve been getting the following error in my log once a minute:
  Invalid packet (too large) length=17247
  I’ve seen it stop for maybe an few hours a couple times but otherwise it’s constant. Anyone know how to track down who or what is sending this invalid packet?
  Thanks

  Hi,
  your router will drop the over sized packet if the DF flag is set.  However, it will return a message to the originating device showing packet oversize.
  You can try setting the router logging to debug and verbose.  This should return the originating IP.  One other thing that you can do is take a close look at any devices  that you have setup.
  Additionally, you can try changing the MTU on the router but this could result in performance 
  degradation.  Alternatively, if you can identify the originating device, you can try changing
   the MTU there as well.
  HTH 
  Houtan

• Java.sql.SQLException: invalid packet length

  can i get more info on this , the application has been running for some time , we are now getting the above message

  What version is the DBMS? Off hand, if you get this type of error by backing the Java version in or out,
  I'd file an official bug and let the driver and JVM folks figure it out...

• EEM- Email alert with IP SLA Based on Packet Loss

  hi joseph,
  i need your advise, i want to get alert email based on IP SLA Packet loss
  the scenarion as below :
  1. If the traffic hit threshold packet loss greater than 20% as long 15 minutes --> send email
  2. If reset condition packet loss eq 0% as long 15 minutes --> send email again
   I don't know how to configure it condition. could you help me to verify my configuration below?
  ip sla logging traps
  ip sla 1 
   icmp-jitter 10.216.0.105 source-ip 10.216.0.107 num-packets 100 interval 40
   frequency 50
  ip sla schedule 1 life forever start-time now
  ip sla reaction-configuration 1 react Packetloss threshold-value 3 1 threshold-type immediate action-type trapOnly
  ip sla enable reaction-alerts
  event manager applet TEST 
   event syslog pattern "IP SLAs\(1\): Threshold exceeded"
   action 2.0 mail server "10.240.0.10" to "[email protected]" from "[email protected]" subject "Alert for Intermittent Link" body "link intermittent in x %"
  thank you

  What's you have could work with a few modifications.  First, increase that threshold-value of 3 to 20.  You can leave the falling threshold value of 1.  You'll need to add another applet to match the falling threshold syslog message.  Not sure exactly what that one will look like.
  The first applet will look like this:
  event manager environment q "
  event manager applet ipsla-threshold-exceeded
   event syslog pattern "IP SLAs\(1\): Threshold exceeded"
   action 001 cli command "enable"
   action 002 cli command "config t"
   action 003 cli command "no event manager applet ipsla-healthy"
   action 004 cli command "event manager applet ipsla-unhealthy"
   action 005 cli command "event timer countdown time 900"
   action 006 cli command "action 1.0 mail server $q 10.240.0.10$q to $q [email protected]$q from $q [email protected]$q subject $q Alert for Intermittent Link$q body $q link intermittent in 20 %$q"
   action 007 cli command "action 2.0 cli command enable"
   action 008 cli command "action 3.0 cli command $q config t$q"
   action 009 cli command "action 4.0 cli command $q no event manager applet ipsla-unhealthy$q"
   action 010 cli command "action 5.0 cli command end"
   action 011 cli command "end"
  And the second applet (the one where you'll need to fill in the appropriate syslog pattern) will look like:
  event manager applet ipsla-threshold-normal
   event syslog pattern "FALLING THRESHOLD PATTERN HERE"
   action 001 cli command "enable"
   action 002 cli command "config t"
   action 003 cli command "no event manager applet ipsla-unhealthy"
   action 004 cli command "event manager applet ipsla-healthy"
   action 005 cli command "event timer countdown time 900"
   action 006 cli command "action 1.0 mail server $q 10.240.0.10$q to $q [email protected]$q from $q [email protected]$q subject $q Link is stable$q body $q Link has been stable for 15 minutes$q"
   action 007 cli command "action 2.0 cli command enable"
   action 008 cli command "action 3.0 cli command $q config t$q"
   action 009 cli command "action 4.0 cli command $q no event manager applet ipsla-healthy$q"
   action 010 cli command "action 5.0 cli command end"
   action 011 cli command "end"

• CRS IOS XR 4.2.3 ABF IP SLA

  Dear all,
  I got a problem when running Access-List Based Forwarding (ABF / PBR) with IP SLA.
  The Cisco document its says Object Tracking IP SLA with ABF is supported on IOS XR 4.2.1, even with the sample.
  http://www.cisco.com/en/US/docs/routers/asr9000/software/asr9k_r4.1/addr_serv/configuration/guide/ipaddr_cg41a9k_chapter1.html#concept_4CBDF391A97345A084853EE73C280FCE
  If i looked at Feature Navigator, IP SLA is already supported on IOS XR 4.1.1, with MPLS package software.
  But when i configured on CRS, IP SLA cannot be attached on ABF.
  Log :
  RP/0/RP0/CPU0:CG-P-03(admin)#show install activ sum
  Mon Feb 18 17:28:28.023 WIB
  Default Profile:
  Admin Resources
  SDRs:
     Owner
  Active Packages:
     disk0:hfr-mini-px-4.2.3
     disk0:hfr-doc-px-4.2.3
     disk0:hfr-services-px-4.2.3
     disk0:hfr-mpls-px-4.2.3
     disk0:hfr-mgbl-px-4.2.3
     disk0:hfr-mcast-px-4.2.3
     disk0:hfr-px-4.2.3.CSCuc41902-1.0.0
     disk0:hfr-px-4.2.3.CSCuc11390-1.0.0
     disk0:hfr-fpd-px-4.2.3
     disk0:hfr-diags-px-4.2.3
  RP/0/RP0/CPU0:CG-P-03(config)#track track?
  WORD
  RP/0/RP0/CPU0:CG-P-03(config)#track track1
  RP/0/RP0/CPU0:CG-P-03(config-track)#type rtr 1 rea
  RP/0/RP0/CPU0:CG-P-03(config-track)#delay up 5
  RP/0/RP0/CPU0:CG-P-03(config-track)#delay down 10
  RP/0/RP0/CPU0:CG-P-03(config-track)#comm
  Mon Feb 18 17:29:21.213 WIB
  RP/0/RP0/CPU0:CG-P-03(config-track)#ipv4 access-list testtrack
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit any nexthop1 ?
  ipv4 Enter nexthop1 ipv4 address
  vrf   Enter specific VRF Name for this nexthop
  <cr>
  RP/0/RP0/CPU0:CG-P-03(config)#ipsla
  RP/0/RP0/CPU0:CG-P-03(config-ipsla)#operation 1
  RP/0/RP0/CPU0:CG-P-03(config-ipsla-op)#type icmp echo
  RP/0/RP0/CPU0:CG-P-03(config-ipsla-icmp-echo)#destination add 1.1.1.1
  RP/0/RP0/CPU0:CG-P-03(config-ipsla-icmp-echo)#frequency 60
  RP/0/RP0/CPU0:CG-P-03(config-ipsla-icmp-echo)#exi
  RP/0/RP0/CPU0:CG-P-03(config-ipsla-op)#exi
  RP/0/RP0/CPU0:CG-P-03(config-ipsla)#schedule operation 1
  RP/0/RP0/CPU0:CG-P-03(config-ipsla-sched)#start-time now
  RP/0/RP0/CPU0:CG-P-03(config-ipsla-sched)#life forever
  RP/0/RP0/CPU0:CG-P-03(config-ipsla-sched)#commit
  Mon Feb 18 17:31:42.496 WIB
  RP/0/RP0/CPU0:CG-P-03(config)#ipv4 access-list testtrack
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any nexthop1 ipv4 ?
  A.B.C.D Enter nexthop1 IPv4 address
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any nexthop1 ipv4 1.1.1.1 ?
  nexthop2 Enter another nexthop
  <cr>    
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any nexthop1 ipv4 1.1.1.1 track track1
                                                                                     ^
  Theres no option track on CLI, even if i specified track, CLI said error / invalid input.
  Is there anything to make the ABF IP SLA run on CRS ?
  Thanks,
  Budi L

  Hi Parthiv,
  i have already test the configuration, but it cannot work:
  RP/0/RP0/CPU0:CG-P-03#sh run | in track
  Thu Feb 21 15:22:15.039 WIB
  Building configuration...
  track track1
  RP/0/RP0/CPU0:CG-P-03#sh run track
  Thu Feb 21 15:22:18.739 WIB
  track track1
  type rtr 1 reachability
  delay up 5
  delay down 10
  RP/0/RP0/CPU0:CG-P-03#sh run ip sla
                                ^
  % Invalid input detected at '^' marker.
  RP/0/RP0/CPU0:CG-P-03#sh run sla
                                ^
  % Invalid input detected at '^' marker.
  RP/0/RP0/CPU0:CG-P-03#sh run ipsla
  Thu Feb 21 15:22:32.501 WIB
  ipsla
  operation 1
    type icmp echo
     destination address 1.1.1.1
     frequency 60
  schedule operation 1
    start-time now
    life forever
  RP/0/RP0/CPU0:CG-P-03#sh run access-l
                                ^
  % Invalid input detected at '^' marker.
  RP/0/RP0/CPU0:CG-P-03#sh run ipv4 access-list
  Thu Feb 21 15:22:54.753 WIB
  ipv4 access-list ospf_traffic
  10 permit ospf any any
  RP/0/RP0/CPU0:CG-P-03#conf t
  Thu Feb 21 15:22:59.523 WIB
  RP/0/RP0/CPU0:CG-P-03(config)#ipv4 access-list testtrack
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any ?
    default        Use specified default nexthop on match against this entry
    dscp           Match packets with given DSCP value
    fragments      Check non-initial fragments
    log            Log matches against this entry
    log-input      Log matches against this entry, including input interface
    nexthop1       Forward to specified nexthop on match against this entry
    packet-length  Check packet length
    precedence     Match packets with given precedence
    ttl            match against ttl
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any nexthop1 ?
    ipv4  Enter nexthop1 ipv4 address
    vrf   Enter specific VRF Name for this nexthop
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any nexthop1 track track1 ipv4 1.1.1.1
                                                                         ^
  % Invalid input detected at '^' marker.
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any nexthop1 ?
    ipv4  Enter nexthop1 ipv4 address
    vrf   Enter specific VRF Name for this nexthop
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any nexthop1 ?   
    ipv4  Enter nexthop1 ipv4 address
    vrf   Enter specific VRF Name for this nexthop
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any nexthop1 ipv4 ?
    A.B.C.D  Enter nexthop1 IPv4 address
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any nexthop1 ipv4 track ?
                                                                              ^
  % Invalid input detected at '^' marker.
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any nexthop1 ipv4 1.1.1.1 ? 
    nexthop2  Enter another nexthop
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any nexthop1 ipv4 1.1.1.1 track track1
                                                                                      ^
  % Invalid input detected at '^' marker.
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any nexthop1 ipv4 track1 1.1.1.1     
                                                                              ^
  % Invalid input detected at '^' marker.
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#10 permit ipv4 any any nexthop1 ipv4 track track1 1.1.1.1
                                                                              ^
  % Invalid input detected at '^' marker.
  RP/0/RP0/CPU0:CG-P-03(config-ipv4-acl)#exit
  RP/0/RP0/CPU0:CG-P-03(config)#exi
  RP/0/RP0/CPU0:CG-P-03#

• Show IP SLA statistics output definitions

  Does anyone have a link or documentation that defines ALL the fields in a show ip sla statistics command? Some are clearly obvious, but in Packet Loss Values for instance what are the measurement values for Source to Destination Loss Periods Number: or Source to Destination Loss Periods Number: ?
  IPSLA operation id: 8502
  Start Time Index: 13:56:14 UTC Tue Mar 25 2014
  Type of operation: udp-jitter
  Voice Scores:
          MinOfICPIF: 0   MaxOfICPIF: 0   MinOfMOS: 0     MaxOfMOS: 0
  RTT Values:
          Number Of RTT: 48157            RTT Min/Avg/Max: 54/56/503 milliseconds
  Latency one-way time:
          Number of Latency one-way Samples: 0
          Source to Destination Latency one way Min/Avg/Max: 0/0/0 milliseconds
          Destination to Source Latency one way Min/Avg/Max: 0/0/0 milliseconds
  Jitter Time:
          Number of SD Jitter Samples: 43824
          Number of DS Jitter Samples: 43824
          Source to Destination Jitter Min/Avg/Max: 0/1/142 milliseconds
          Destination to Source Jitter Min/Avg/Max: 0/1/81 milliseconds
  Packet Loss Values:
          Loss Source to Destination: 96 
          Source to Destination Loss Periods Number: 796 
          Source to Destination Loss Period Length Min/Max: 1/17
          Source to Destination Inter Loss Period Length Min/Max: 1/2828
          Loss Destination to Source: 5746 
          Destination to Source Loss Periods Number: 4319
          Destination to Source Loss Period Length Min/Max: 1/17
          Destination to Source Inter Loss Period Length Min/Max: 1/321
          Out Of Sequence: 0      Tail Drop: 1
          Packet Late Arrival: 0  Packet Skipped: 0
  Number of successes: 18
  Number of failures: 30

  this is a great document as well, but doesn't dive down deep enough. The best example would be Packet Loss, where is says -
  Packet Loss
  Five types of packet loss or assimilated events can be measured with IP SLA:
  Packet loss in the source to destination (packetLossSD)
  Packet loss in the destination source (packetLossDS)
  Tail Drop: we know it has been dropped, but we do not know in which direction. This is when the last packet(s) of the test streams were dropped, because in this case, we do not receive the sequence numbers. In older releases, this is called Packet MIA for missing in action. In the MIB, the notation PacketMIA is still in use.
  Packet Late Arrival: the packet did arrive, but so late that the underlying application probably considered it as dropped, or at least not useful. Think about a VoIP application. If one packet arrives much later than expected, it is too late because the conversation keeps going. This packet is assimilated to a drop.
  Packet Misordering: the packet arrived but not in the right order. This may or may not be considered as a packet drop. (packetOutOfOrder)
  The cool thing is the power that lies behind those numbers. Differenct values can be calculated the way you want it. For instance the total amount of packet dropped is:
  packetDropped = RTTMonPacketLossSD + RTTMonPacketLossDS + RTTMonPacketMIA
  The total percentage of packets that have dropped during the instance is:
  drop_rate_%age = 100 * packetDropped / (RTTMonNumOfRTT + packetDropped)
  Many other values can be calculated, and that is entirely up to you to decide what parameters are important.
  But does not address the fields that I am looking for -
  Source to Destination Loss Period Length Min/Max: 1/17
          Source to Destination Inter Loss Period Length Min/Max: 1/2828
          Destination to Source Loss Periods Number: 4319
          Destination to Source Loss Period Length Min/Max: 1/17
          Destination to Source Inter Loss Period Length Min/Max: 1/321
  appreciate all the input though Vinod!

• 802.1x port authentication failing after getting a access-accept packet

  Hi all,
  Im not 100% sure what the hell is going on here.
  Any idea's or help will be appreciated.
  Heres the topology.
  1 x windows 2012 NPS
  1x 3750X
  1x Windows 7 x64
  data flow
  <laptop> - - [gi 1/0/13]<3750X>[gi 1/0/48]- -[gi 5/39]<6513>[po 1] - - [po 4]<6509><5/1> - - <VMWARE>[NPS Server]
  The switch that is doing the authentication is the 3750X. Here is the IOS version.
  Switch Ports Model              SW Version            SW Image
  *    1 54    WS-C3750X-48       15.2(1)E              C3750E-UNIVERSALK9-M
  A wireshark trace on the NPS server shows that the packets are arriving and being sent back
  Wireshark on a mirror of the trunk port connecting the 6513. It also shows packets being sent and arriving. access-accept packets are being recieved.
  As you can see in the debug output, the switch is getting a access-accept, then it is stating a AAA failure.
  here is a debug output as you plug in the laptop.
  Oct 24 10:53:44.653: dot1x-ev:[Gi1/0/13] Interface state changed to DOWN
  Oct 24 10:53:44.653: dot1x-ev:[Gi1/0/13] No DOT1X subblock found for port down
  Oct 24 10:53:45.643: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/13, changed state to down
  Oct 24 10:53:46.641: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/13, changed state to down
  Oct 24 10:53:47.538: dot1x-ev:[Gi1/0/13] Interface state changed to UP
  Oct 24 10:53:47.564: dot1x-packet:[6431.500e.9b00, Gi1/0/13] queuing an EAPOL pkt on Auth Q
  Oct 24 10:53:47.572: dot1x-ev:DOT1X Supplicant not enabled on GigabitEthernet1/0/13
  Oct 24 10:53:47.572: dot1x-packet:EAPOL pak rx - Ver: 0x1  type: 0x1
  Oct 24 10:53:47.572: dot1x-packet: length: 0x0000
  Oct 24 10:53:47.572: dot1x-ev:[Gi1/0/13] Dequeued pkt: Int Gi1/0/13 CODE= 0,TYPE= 0,LEN= 0
  Oct 24 10:53:47.572: dot1x-ev:[Gi1/0/13] Received pkt saddr =6431.500e.9b00 , daddr = 0180.c200.0003, pae-ether-type = 888e.0101.0000
  Oct 24 10:53:47.572: dot1x-ev:[Gi1/0/13] Couldn't find the supplicant in the list
  Oct 24 10:53:47.572: dot1x-ev:[6431.500e.9b00, Gi1/0/13] New client detected, sending session start event for 6431.500e.9b00
  Oct 24 10:53:47.572: AAA/BIND(00000047): Bind i/f
  Oct 24 10:53:47.580: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Sending create new context event to EAP for 0x15000045 (6431.500e.9b00)
  Oct 24 10:53:47.580: EAP-EVENT: Received context create from LL (Dot1x-Authenticator) (0x15000045)
  Oct 24 10:53:47.580: EAP-AUTH-EVENT: Received AAA ID 0x00000047 from LL
  Oct 24 10:53:47.580: EAP-AUTH-AAA-EVENT: Assigning AAA ID 0x00000047
  Oct 24 10:53:47.580: EAP-AUTH-AAA-EVENT: CTS not enabled on interface Gi1/0/13
  Oct 24 10:53:47.580: EAP-AUTH-EVENT: Received Session ID "C0A846660000004700DF6030" from LL
  Oct 24 10:53:47.580: EAP-AUTH-EVENT: Setting authentication mode: Passthrough
  Oct 24 10:53:47.580:     eap_authen : initial state eap_auth_initialize has enter
  Oct 24 10:53:47.580: EAP-EVENT: Allocated new EAP context (handle = 0xE8000047)
  Oct 24 10:53:47.580: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Created a client entry (0x15000045)
  Oct 24 10:53:47.580: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Dot1x authentication started for 0x15000045 (6431.500e.9b00)
  Oct 24 10:53:47.580: %AUTHMGR-5-START: Starting 'dot1x' for client (6431.500e.9b00) on Interface Gi1/0/13 AuditSessionID C0A846660000004700DF6030
  Oct 24 10:53:47.580: EAP-EVENT: Received EAP event 'EAP_AUTHENTICATOR_START' on handle 0xE8000047
  Oct 24 10:53:47.580:     eap_authen : during state eap_auth_initialize, got event 25(eapStartTmo)
  Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_initialize -> eap_auth_select_action
  Oct 24 10:53:47.580:     eap_authen : during state eap_auth_select_action, got event 20(eapDecisionPropose)
  Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_select_action -> eap_auth_propose_method
  Oct 24 10:53:47.580:     eap_authen : idle during state eap_auth_propose_method
  Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_propose_method -> eap_auth_method_request
  Oct 24 10:53:47.580:     eap_authen : idle during state eap_auth_method_request
  Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_method_request -> eap_auth_tx_packet
  Oct 24 10:53:47.580: EAP-AUTH-EVENT: Current method = Identity
  Oct 24 10:53:47.580: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_CUSTOMIZE_ID_REQUEST' on handle 0xE8000047
  Oct 24 10:53:47.580:     eap_authen : idle during state eap_auth_tx_packet
  Oct 24 10:53:47.580: @@@ eap_authen : eap_auth_tx_packet -> eap_auth_idle
  Oct 24 10:53:47.589: EAP-AUTH-TX-PAK: Code:REQUEST  ID:0x1   Length:0x0005  Type:IDENTITY
  Oct 24 10:53:47.589: EAP-EVENT: Started 'Authenticator ReqId Retransmit' timer (30s) for EAP sesion handle 0xE8000047
  Oct 24 10:53:47.589: EAP-EVENT: Started EAP tick timer
  Oct 24 10:53:47.589: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_TX_PACKET' on handle 0xE8000047
  Oct 24 10:53:47.597: dot1x-ev:[Gi1/0/13] Sending EAPOL packet to group PAE address
  Oct 24 10:53:47.597: dot1x-ev:[Gi1/0/13] Sending out EAPOL packet
  Oct 24 10:53:47.597: dot1x-packet:EAPOL pak Tx - Ver: 0x3  type: 0x0
  Oct 24 10:53:47.597: dot1x-packet: length: 0x0005
  Oct 24 10:53:47.597: dot1x-packet:EAP code: 0x1  id: 0x1  length: 0x0005
  Oct 24 10:53:47.597: dot1x-packet: type: 0x1
  Oct 24 10:53:47.597: dot1x-packet:[6431.500e.9b00, Gi1/0/13] EAPOL packet sent to client 0x15000045
  Oct 24 10:53:47.606: dot1x-packet:[6431.500e.9b00, Gi1/0/13] Queuing an EAPOL pkt on Authenticator Q
  Oct 24 10:53:47.606: dot1x-packet:EAPOL pak rx - Ver: 0x1  type: 0x0
  Oct 24 10:53:47.606: dot1x-packet: length: 0x001F
  Oct 24 10:53:47.606: dot1x-ev:[Gi1/0/13] Dequeued pkt: Int Gi1/0/13 CODE= 2,TYPE= 1,LEN= 31
  Oct 24 10:53:47.606: dot1x-ev:[Gi1/0/13] Received pkt saddr =6431.500e.9b00 , daddr = 0180.c200.0003, pae-ether-type = 888e.0100.001f
  Oct 24 10:53:47.606: dot1x-packet:EAPOL pak rx - Ver: 0x1  type: 0x0
  Oct 24 10:53:47.606: dot1x-packet: length: 0x001F
  Oct 24 10:53:47.606: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Response sent to the server from 0x15000045
  Oct 24 10:53:47.606: EAP-EVENT: Received LL (Dot1x-Authenticator) event 'EAP_RX_PACKET' on handle 0xE8000047
  Oct 24 10:53:47.606: EAP-AUTH-RX-PAK: Code:RESPONSE  ID:0x1   Length:0x001F  Type:IDENTITY
  Oct 24 10:53:47.606:     Payload:  47454E4552414C5C72616E64792E636F ...
  Oct 24 10:53:47.606:     eap_authen : during state eap_auth_idle, got event 1(eapRxPacket)
  Oct 24 10:53:47.606: @@@ eap_authen : eap_auth_idle -> eap_auth_received
  Oct 24 10:53:47.606: EAP-AUTH-EVENT: EAP Response received by context 0xE8000047
  Oct 24 10:53:47.606: EAP-AUTH-EVENT: EAP Response type = Identity
  Oct 24 10:53:47.606: EAP-EVENT: Stopping 'Authenticator ReqId Retransmit' timer for EAP sesion handle 0xE8000047
  Oct 24 10:53:47.606:     eap_authen : during state eap_auth_received, got event 10(eapMethodData)
  Oct 24 10:53:47.606: @@@ eap_authen : eap_auth_received -> eap_auth_method_response
  Oct 24 10:53:47.606: EAP-AUTH-EVENT: Received peer identity: GENERAL\randy.coburn.admin
  Oct 24 10:53:47.606: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_IDENTITY' on handle 0xE8000047
  Oct 24 10:53:47.606:     eap_authen : during state eap_auth_method_response, got event 13(eapMethodEnd)
  Oct 24 10:53:47.606: @@@ eap_authen : eap_auth_method_response -> eap_auth_select_action
  Oct 24 10:53:47.606:     eap_authen : during state eap_auth_select_action, got event 19(eapDecisionPass)
  Oct 24 10:53:47.606: @@@ eap_authen : eap_auth_select_action -> eap_auth_passthru_init
  Oct 24 10:53:47.606:     eap_authen : during state eap_auth_passthru_init, got event 22(eapPthruIdentity)
  Oct 24 10:53:47.614: @@@ eap_authen : eap_auth_passthru_init -> eap_auth_aaa_req
  Oct 24 10:53:47.614: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_GET_PEER_MAC_ADDRESS' on handle 0xE8000047
  Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Adding Audit-Session-ID "C0A846660000004700DF6030" to RADIUS Req
  Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Added Audit-Session-ID
  Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Adding IDB "0x070B90F8" to RADIUS Req
  Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Added IDB
  Oct 24 10:53:47.614: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_CUSTOMIZE_AAA_REQUEST' on handle 0xE8000047
  Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: eap_auth_aaa_authen_request_shim aaa_service 19, eap aaa_list handle 0, mlist handle 0
  Oct 24 10:53:47.614: AAA/AUTHEN/8021X (00000000): Pick method list 'default'
  Oct 24 10:53:47.614: EAP-AUTH-AAA-EVENT: Request sent successfully
  Oct 24 10:53:47.614:     eap_authen : during state eap_auth_aaa_req, got event 24(eapAAAReqOk)
  Oct 24 10:53:47.614: @@@ eap_authen : eap_auth_aaa_req -> eap_auth_aaa_idle
  Oct 24 10:53:47.614: RADIUS/ENCODE(00000000):Orig. component type = Invalid
  Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute hwidb
  Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute aaa-authen-type
  Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute aaa-authen-service
  Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute clid-mac-addr
  Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute target-scope
  Oct 24 10:53:47.614: RADIUS/ENCODE(00000000): Unsupported AAA attribute aaa-unique-id
  Oct 24 10:53:47.614: RADIUS(00000000): Config NAS IP: 0.0.0.0
  Oct 24 10:53:47.614: RADIUS(00000000): sending
  Oct 24 10:53:47.614: RADIUS/ENCODE: Best Local IP-Address 192.168.70.102 for Radius-Server 192.168.19.121
  Oct 24 10:53:47.614: RADIUS(00000000): Send Access-Request to 192.168.19.121:1645 id 1645/21, len 288
  Oct 24 10:53:47.614: RADIUS:  authenticator F1 BA E5 31 71 54 BF 1A - A2 B1 5E 1A 63 72 1E 72
  Oct 24 10:53:47.614: RADIUS:  User-Name           [1]   28  "GENERAL\randy.coburn.admin"
  Oct 24 10:53:47.614: RADIUS:  Service-Type        [6]   6   Framed                    [2]
  Oct 24 10:53:47.614: RADIUS:  Vendor, Cisco       [26]  27
  Oct 24 10:53:47.614: RADIUS:   Cisco AVpair       [1]   21  "service-type=Framed"
  Oct 24 10:53:47.614: RADIUS:  Framed-MTU          [12]  6   1500
  Oct 24 10:53:47.614: RADIUS:  Called-Station-Id   [30]  19  "AC-F2-C5-75-7D-0D"
  Oct 24 10:53:47.614: RADIUS:  Calling-Station-Id  [31]  19  "64-31-50-0E-9B-00"
  Oct 24 10:53:47.614: RADIUS:  EAP-Message         [79]  33
  Oct 24 10:53:47.614: RADIUS:   02 01 00 1F 01 47 45 4E 45 52 41 4C 5C 72 61 6E 64 79 2E 63 6F  [GENERAL\randy.co]
  Oct 24 10:53:47.622: RADIUS:   62 75 72 6E 2E 61 64 6D 69 6E        [ burn.admin]
  Oct 24 10:53:47.622: RADIUS:  Message-Authenticato[80]  18
  Oct 24 10:53:47.622: RADIUS:   EE 52 4D ED B9 06 F3 CE 63 AC 9D 73 24 1B A7 ED             [ RMcs$]
  Oct 24 10:53:47.622: RADIUS:  EAP-Key-Name        [102] 2   *
  Oct 24 10:53:47.622: RADIUS:  Vendor, Cisco       [26]  49
  Oct 24 10:53:47.622: RADIUS:   Cisco AVpair       [1]   43  "audit-session-id=C0A846660000004700DF6030"
  Oct 24 10:53:47.622: RADIUS:  Vendor, Cisco       [26]  20
  Oct 24 10:53:47.622: RADIUS:   Cisco AVpair       [1]   14  "method=dot1x"
  Oct 24 10:53:47.622: RADIUS:  NAS-IP-Address      [4]   6   192.168.70.102
  Oct 24 10:53:47.622: RADIUS:  NAS-Port            [5]   6   60000
  Oct 24 10:53:47.622: RADIUS:  NAS-Port-Id         [87]  23  "GigabitEthernet1/0/13"
  Oct 24 10:53:47.622: RADIUS:  NAS-Port-Type       [61]  6   Ethernet                  [15]
  Oct 24 10:53:47.622: RADIUS(00000000): Sending a IPv4 Radius Packet
  Oct 24 10:53:47.622: RADIUS(00000000): Started 10 sec timeout
  Oct 24 10:53:47.622: RADIUS: Received from id 1645/21 192.168.19.121:1645, Access-Accept, len 66
  Oct 24 10:53:47.622: RADIUS:  authenticator 92 F6 07 AF C1 AB 0B 4C - 1D 9E A0 D1 01 36 27 26
  Oct 24 10:53:47.622: RADIUS:  Class               [25]  46
  Oct 24 10:53:47.622: RADIUS:   76 E3 06 66 00 00 01 37 00 01 02 00 C0 A8 13 79 00 00 00 00 00 00 00 00 00 00 00 00 01 CE CF F8 1F 7B 75 41 00 00 00 00 00 00 00 50          [ vf7y{uAP]
  Oct 24 10:53:47.622: RADIUS(00000000): Received from id 1645/21
  Oct 24 10:53:47.622: EAP-EVENT: eap_aaa_reply
  Oct 24 10:53:47.622: EAP-AUTH-AAA-EVENT: Reply received session_label 72000033
  Oct 24 10:53:47.622: EAP-EVENT: Received AAA event 'EAP_AAA_FAIL' on handle 0xE8000047
  Oct 24 10:53:47.622:     eap_authen : during state eap_auth_aaa_idle, got event 8(eapAAAFail)
  Oct 24 10:53:47.622: @@@ eap_authen : eap_auth_aaa_idle -> eap_auth_failure
  Oct 24 10:53:47.631: EAP-EVENT: Received get canned status from lower layer (0xE8000047)
  Oct 24 10:53:47.631: EAP-AUTH-TX-PAK: Code:FAILURE  ID:0x1   Length:0x0004
  Oct 24 10:53:47.631: EAP-AUTH-EVENT: FAIL for EAP method ID: 1, name: , on handle 0xE8000047
  Oct 24 10:53:47.631: EAP-EVENT: Sending LL (Dot1x-Authenticator) event 'EAP_FAIL' on handle 0xE8000047
  Oct 24 10:53:47.631: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Received an EAP Fail
  Oct 24 10:53:47.639: %DOT1X-5-FAIL: Authentication failed for client (6431.500e.9b00) on Interface Gi1/0/13 AuditSessionID C0A846660000004700DF6030
  Oct 24 10:53:47.639: dot1x-packet:[6431.500e.9b00, Gi1/0/13] Added username in dot1x
  Oct 24 10:53:47.639: dot1x-packet:[6431.500e.9b00, Gi1/0/13] Dot1x did not receive any key data
  Oct 24 10:53:47.639: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Processing client delete for hdl 0x15000045 sent by Auth Mgr
  Oct 24 10:53:47.639: dot1x-ev:[6431.500e.9b00, Gi1/0/13] 6431.500e.9b00: sending canned failure due to method termination
  Oct 24 10:53:47.639: EAP-EVENT: Received get canned status from lower layer (0xE8000047)
  Oct 24 10:53:47.639: dot1x-ev:[Gi1/0/13] Sending EAPOL packet to group PAE address
  Oct 24 10:53:47.639: dot1x-ev:[Gi1/0/13] Sending out EAPOL packet
  Oct 24 10:53:47.639: dot1x-packet:EAPOL pak Tx - Ver: 0x3  type: 0x0
  Oct 24 10:53:47.639: dot1x-packet: length: 0x0004
  Oct 24 10:53:47.639: dot1x-packet:EAP code: 0x4  id: 0x1  length: 0x0004
  Oct 24 10:53:47.639: dot1x-packet:[6431.500e.9b00, Gi1/0/13] EAPOL canned status packet sent to client 0x15000045
  Oct 24 10:53:47.639: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Deleting client 0x15000045 (6431.500e.9b00)
  Oct 24 10:53:47.639: %AUTHMGR-7-STOPPING: Stopping 'dot1x' for client 6431.500e.9b00 on Interface Gi1/0/13 AuditSessionID C0A846660000004700DF6030
  Oct 24 10:53:47.639: %AUTHMGR-5-FAIL: Authorization failed or unapplied for client (6431.500e.9b00) on Interface Gi1/0/13 AuditSessionID C0A846660000004700DF6030
  Oct 24 10:53:47.648: dot1x-ev:[6431.500e.9b00, Gi1/0/13] Delete auth client (0x15000045) message
  Oct 24 10:53:47.648: EAP-EVENT: Received free context (0xE8000047) from LL (Dot1x-Authenticator)
  Oct 24 10:53:47.648: dot1x-ev:Auth client ctx destroyed
  Oct 24 10:53:47.648: EAP-EVENT: Received LL (Dot1x-Authenticator) event 'EAP_DELETE' on handle 0xE8000047
  Oct 24 10:53:47.648: EAP-AUTH-EVENT: Freed EAP auth context
  Oct 24 10:53:47.648: EAP-EVENT: Freed EAP context
  Oct 24 10:53:48.621: EAP-EVENT: Stopped EAP tick timer
  Oct 24 10:53:49.485: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/13, changed state to up
  Oct 24 10:53:50.491: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/13, changed state to up
  Oct 24 10:53:53.528: dot1x-ev:[Gi1/0/13] Interface state changed to DOWN
  Oct 24 10:53:53.528: dot1x-ev:[Gi1/0/13] No DOT1X subblock found for port down
  Oct 24 10:53:54.518: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/13, changed state to down
  Oct 24 10:53:55.524: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/13, changed state to down

  Hi Jatin,
  See below the data that you have requested.
  show run bits.
  aaa new-model
  aaa authentication dot1x default group radius
  aaa session-id common
  clock timezone BST 0 0
  clock summer-time UTC recurring last Sun Mar 1:00 last Sun Oct 2:00
  dot1x system-auth-control
  interface GigabitEthernet1/0/13
  switchport access vlan 80
  switchport mode access
  authentication port-control auto
  dot1x pae authenticator
  spanning-tree portfast
  interface GigabitEthernet1/0/48
  switchport trunk encapsulation dot1q
  switchport trunk native vlan 70
  switchport mode trunk
  radius server NPS1
  address ipv4 192.168.19.121 auth-port 1645 acct-port 1646
  timeout 10
  key thesecret
  ip default-gateway 192.168.70.1
  SW1-randy#show auth sessions interface gig 1/0/13
  Interface    MAC Address    Method       Domain          Status    Fg Session ID
  Gi1/0/13     803f.5d09.189e N/A          UNKNOWN      Unauth         C0A846660000002F00251DBC
  SW1-randy#Show mac address-table Interface GigabitEthernet1/0/13
            Mac Address Table
  Vlan    Mac Address       Type        Ports
    80    803f.5d09.189e    DYNAMIC     Drop
  SW1-randy#ping 192.168.19.121
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 192.168.19.121, timeout is 2 seconds:
  Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/8 ms
  Here is a wireshark of the accept packet.
  Message was edited by: randy coburn
  Added wireshark trace

• Invalid Packet Lenght, JDBC, Java6 update 85

  All,
  I applied the CPU patchset for October 2014.  The java update produced the following:
  (Java.sql.SQLException: Invalid packet length)
        org.jboss.resource.adapter.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:261)
  --No errors are produced when backing out to Java 6 update 81.
  Driver Information:
  Manifest-Version: 1.0
  Ant-Version: Apache Ant 1.6.5
  Created-By: 1.5.0_51-b10 (Sun Microsystems Inc.)
  Implementation-Vendor: Oracle Corporation
  Implementation-Title: JDBC
  Implementation-Version: 11.2.0.3.0
  Repository-Id: JAVAVM_11.2.0.4.0_LINUX.X64_130711
  Specification-Vendor: Sun Microsystems Inc.
  Specification-Title: JDBC
  Specification-Version: 4.0
  --Should I update the driver or is this an issue with the new update?  Any help is appreciated.

  What version is the DBMS? Off hand, if you get this type of error by backing the Java version in or out,
  I'd file an official bug and let the driver and JVM folks figure it out...

• Unable to connect to ACE30 from 3845/2811 -ssh - Invalid modulus length

     Hi,
  I`ve seen quite a lot of posts regarding SSH issues and the above SSH error. However the fix mainly involves upgrading clients but in this instance the client is are Cisco routers 3845 / 2811 - which we use for out and inband management.
  Connectivity / routing etc is proven. Using SSH v2 the actual 6500 chassis where the ACE is physically located works fine. Configuring SSH v1 on the ACE module allows connections via the 3845/2811`s but we cannot use this.
  Both have the following IOS Version 12.4(24)T4. I have tried various key sizes on the ACE module.
  The SSH debug is :
  Aug  8 09:44:00.755: SSH2 CLIENT 2: SSH2_MSG_KEXINIT sent
  Aug  8 09:44:00.767: SSH2 CLIENT 2: ssh_receive: 536 bytes received
  Aug  8 09:44:00.767: SSH2 CLIENT 2: input: total packet length of 776 bytes
  Aug  8 09:44:00.767: SSH2 CLIENT 2: partial packet length(block size)8 bytes,nee                                                                                                                                                             ded 768 bytes,
                 maclen 0
  Aug  8 09:44:00.767: SSH2 CLIENT 2: ssh_receive: 240 bytes received
  Aug  8 09:44:00.767: SSH2 CLIENT 2: partial packet length(block size)8 bytes,nee                                                                                                                                                             ded 768 bytes,
                 maclen 0
  Aug  8 09:44:00.767: SSH2 CLIENT 2: input: padlength 10 bytes
  Aug  8 09:44:00.767: SSH2 CLIENT 2: SSH2_MSG_KEXINIT received
  Aug  8 09:44:00.767: SSH2:kex: server->client enc:aes128-cbc mac:hmac-sha1
  Aug  8 09:44:00.767: SSH2:kex: client->server enc:aes128-cbc mac:hmac-sha1
  Aug  8 09:44:00.767: SSH2 CLIENT 2: send:packet of  length 24 (length also inclu                                                                                                                                                             des padlen of 6)
  Aug  8 09:44:00.767: SSH2 CLIENT 2: SSH2_MSG_KEX_DH_GEX_REQUEST sent
  Aug  8 09:44:00.767: SSH2 CLIENT 2: Range sent- 1024  < 2048  < 4096
  Aug  8 09:44:00.859: SSH2 CLIENT 2: ssh_receive: 424 bytes received
  Aug  8 09:44:00.863: SSH2 CLIENT 2: input: total packet length of 424 bytes
  Aug  8 09:44:00.863: SSH2 CLIENT 2: partial packet length(block size)8 bytes,nee                                                                                                                                                             ded 416 bytes,
                 maclen 0
  Aug  8 09:44:00.863: SSH2 CLIENT 2: input: padlength 10 bytes
  Aug  8 09:44:00.863: SSH2 CLIENT 2: SSH2_MSG_KEX_DH_GEX_GROUP received
  Aug  8 09:44:00.863: SSH2 CLIENT 2:
  Invalid modulus length
  Is there a fix for this issue ?
  Many thanks for any tips/advise.

  I`ve now tried a new version of the code incase it was a bug. ( 12.4 (24) T6 ) and various key sizes ( 768, 1024,2048, 4096) but no avail.
  Oct 12 13:16:26.435: SSH CLIENT0: protocol version id is - SSH-2.0-OpenSSH_5.2
  Oct 12 13:16:26.435: SSH CLIENT0: sent protocol version id SSH-2.0-Cisco-1.25
  Oct 12 13:16:26.435: SSH CLIENT0: protocol version exchange successful
  Oct 12 13:16:26.435: SSH2 CLIENT 0: SSH2_MSG_KEXINIT sent
  Oct 12 13:16:26.447: SSH2 CLIENT 0: SSH2_MSG_KEXINIT received
  Oct 12 13:16:26.447: SSH2:kex: server->client enc:aes128-cbc mac:hmac-sha1
  Oct 12 13:16:26.447: SSH2:kex: client->server enc:aes128-cbc mac:hmac-sha1
  Oct 12 13:16:26.447: SSH2 CLIENT 0: SSH2_MSG_KEX_DH_GEX_REQUEST sent
  Oct 12 13:16:26.447: SSH2 CLIENT 0: Range sent- 1024  < 2048  < 4096
  Oct 12 13:16:26.535: SSH2 CLIENT 0: SSH2_MSG_KEX_DH_GEX_GROUP received
  Oct 12 13:16:26.535: SSH2 CLIENT 0:
  Invalid modulus length
  Oct 12 13:16:26.535: SSH CLIENT0: key exchange failure (code = 0)
  Oct 12 13:16:26.535: SSH CLIENT0: Session disconnected - error 0x00

• Double TNS datagrams in one TCP packet

  I have the following Problem:
  During a database Connection over an IPSec - tunnel between a Fortigate and a Juniper firewall the connection stalls.
  This is exactly reproducible with on select or bulk insert statement. Neither OCI or thin changes the behavior. Without the tunnel(f.e. LAN or ISDN connect)
  there no problem an no duplicate TNS.
  I have logged the TCP traffic with wireshark on both sides and noticed that I have two tns datagrams in one TCP packet.
  I use different IPSec tunnels and haven only problems with this one. Do you have a hint whats going on?
  BTW: I change sdu and tdu sizes. This changes the point in time of the stall (double tns).
  Here is the Wireshark Log:
  519     1128.135566     192.168.197.33     10.4.100.73     TNS     Request, Data (6), Data
  520     1128.135912     192.168.197.33     10.4.100.73     TNS     Request, Data (6), Data
  521     1128.179202     10.4.100.73     192.168.197.33     TCP     [TCP Window Update] ncube-lm > 64542 [ACK] Seq=7203 Ack=2341 Win=65535 Len=0
  522     1128.202975     10.4.100.73     192.168.197.33     TCP     ncube-lm > 64542 [ACK] Seq=7203 Ack=3691 Win=64185 Len=0
  523     1128.213284     10.4.100.73     192.168.197.33     TNS     Response, Marker (12), Attention
  524     1128.213516     10.4.100.73     192.168.197.33     TNS     Response, Marker (12), Attention
  525     1128.213557     192.168.197.33     10.4.100.73     TCP     64542 > ncube-lm [ACK] Seq=4265 Ack=7225 Win=64201 Len=0
  526     1128.217649     192.168.197.33     10.4.100.73     TNS     Request, Marker (12), Attention
  527     1128.255460     10.4.100.73     192.168.197.33     TCP     [TCP Dup ACK 524#1] ncube-lm > 64542 [ACK] Seq=7225 Ack=3691 Win=65535 Len=0
  * 528     1128.501575     192.168.197.33     10.4.100.73     TNS     [TCP Retransmission] Request, Marker (12), Attention
  529     1128.588704     10.4.100.73     192.168.197.33     TCP     ncube-lm > 64542 [ACK] Seq=7225 Ack=4276 Win=64950 Len=0
  Here the connection stalls, but does not terminate. The data transmission is not finished.
  The * packet has the following header information:
  Frame 528: 639 bytes on wire (5112 bits), 639 bytes captured (5112 bits)
  Ethernet II, Src: FujitsuT_92:f0:b5 (00:19:99:92:f0:b5), Dst: Fortinet_25:ea:de (00:09:0f:25:ea:de)
  Internet Protocol, Src: 192.168.197.33 (192.168.197.33), Dst: 10.4.100.73 (10.4.100.73)
  Transmission Control Protocol, Src Port: 64542 (64542), Dst Port: ncube-lm (1521), Seq: 3691, Ack: 7225, Len: 585
  Transparent Network Substrate Protocol
  Packet Length: 574
  Packet Checksum: 0x0000
  Packet Type: Data (6)
  Reserved Byte: 00
  Header Checksum: 0x0000
  Data
  Transparent Network Substrate Protocol
  Packet Length: 11
  Packet Checksum: 0x0000
  Packet Type: Marker (12)
  Reserved Byte: 00
  Header Checksum: 0x0000
  Attention
  Marker Type: Data Marker - 1 Data Bytes (0x01)
  Marker Data Byte: 0x00
  Marker Data Byte: 0x02
  Any idea?

  Ben wrote:
  Convert dbl to U64 then use swap words. Swap Words is polymorphic and will adapt the the data type you prest to it.
  Ben
  Convert is a bad idea here.you want to typecast instead.
  Rolf Kalbermatter
  Rolf Kalbermatter
  CIT Engineering Netherlands
  a division of Test & Measurement Solutions

• Packet Captures Save Location

  Where is the data from packet captures saved to on the ASA firewall? It seems as though there is plenty of documentation out there on how to set up packet captures but none on where that data is stored. Is it stored to memory? Thanks!

  Hi,
  Did a quick test on my home ASA5505
  It seems to me that when you configure the "capture" and set the "buffer" the ASA immediately reserves that amount from the RAM
  capture TEST-CAP type raw-data access-list TEST-CAP buffer 20000000 packet-length 1522 interface WAN circular-buffer [Capturing - 7090435 bytes]
  ASA# show memory
  Free memory:          20269800 bytes ( 8%)
  Used memory:         248165656 bytes (92%)
  Total memory:        268435456 bytes (100%)
  ASA# no capture TEST-CAP
  ASA# show memory
  Free memory:          40275512 bytes (15%)
  Used memory:         228159944 bytes (85%)
  Total memory:        268435456 bytes (100%)
  As you can see, after removing the capture which is set for around 20MB that amount of RAM is freed up on the ASA.
  Hope this helps :)
  - Jouni