Drop packet with no reason.... (or maybe one but i don't which one ;-))
Hi everybody,
i use a TZ-400 sonicwall with Firmware 6.5.4....
i receive a error i packet monitor
DROPPED, Drop Code: 734(Packet dropped - drop bounce same link pkt), Module Id: 25(network)
i can't find any information about this error on internet.
I have a rule to allow traffic from zone to zone with the right port and destination.
Il already create hundreds of similar rules but this one doesn't work and i can't find why?
The port is 443
If you can help me, i'll be glad.
Thank you
Eric
Best Answer
-
shiprasahu93 Moderator
It is definitely not related to access rules as that would say dropped due to Policy drop.
This definitely needs some real-time troubleshooting and we might need to check the ARPs to see if something is different for this connection.
Kindly reach out to our support team for further help.
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
0
Answers
@DisaRicks,
Welcome to the SonicWall community.
That drop code usually means that the packet being dropped is the same packet that was sent out on that link a few moments ago. It usually takes place if there is some kind of physical loop.
Could you please check the same and if possible share a screenshot of the packet monitor.
Thank you!
Shipra Sahu
Technical Support Advisor, Premier Services
Hi,
thank you to answerso quickly.
here is a screenshot of packet monitor
and the packet detail
Ethernet Header
Ether Type: IP(0x800), Src=[00:09:0f:09:a4:07], Dst=[18:b1:69:88:53:9e]
IP Packet Header
IP Type: TCP(0x6), Src=[10.55.87.87], Dst=[172.20.85.31]
TCP Packet Header
TCP Flags = [SYN,], Src=[49406], Dst=[443], Checksum=0x66e3
Application Header
HTTPS
Value:[1]
DROPPED, Drop Code: 734(Packet dropped - drop bounce same link pkt), Module Id: 25(network), (Ref.Id: _2098_jcpfngDqwpegVtchhke) 2:2)
thank you
@DisaRicks,
Do you have a network diagram handy or let me know what subnets you have on X2 and to which interface should this be forwarded to?
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
Hi
on X2 i've the IP 10.14.128.81/29 witch is connected to another router on IP 10.14.128.80/29 (the arrival of the packets)
I receive a packet from an IP 10.55.87.87 with port 443 for a destination on another TZ-400 accross a VPN Connexion on X1 interface (WAN).
I already use a similar connexion that works perfectly :
I receive on the same X2 from IIP 10.42.18.118 with port 4098 destination : 172.20.85.32 accross the same VPN on X1
I've a rule that says : from 10.42.18.118 with port 4098 to 172.20.85.32 : allow
Here, i say from 10.55.87.87 with port 443 to 172.20.85.31 : allow
For the route i 've : origine : 10.42.18.118 to 172.20.85.32 with any port go to GTW : PAS_SW_X3IP on interface X1 (ok)
here i say : origine : 10.55.87.87 to 172.20.85.31 with any port go to GTW : PAS_SW_X3IP on interface X1
hope to be clear...
Eric
Thank you, i submit a support request.
Eric
I ran into the same error after 'cleaning' up some NAT Policies:
DROPPED, Drop Code: 734(Packet dropped - drop bounce same link pkt), Module Id: 25(network), (Ref.Id: _2122_jcpfngDqwpegVtchhke) 1:2)
In my case, I had inadvertently removed the protocol in question (examine the packet header information in the packet capture) from the Original Service value of the NAT Policy. Once I added the protocol in question (Service Object) back into the Service Group used in this NAT Policy, my access worked and the drop error ceased.
I had the same problem and can confirm that this was resolved by creating a correct ( and missing ) NAT rule.
I reviewed my NAT rules and realized there was not one present at all to match the traffic I was generating, but the text of the error was certainly confusing ( not to mention that it matches the wrong drop code listed in Sonicwall's KB list of drop codes ).