- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- HP OfficeConnect 1820 Auto DOS (Prevent Invalid TC...
-
- Forums
-
- Advancing Life & Work
- Advantage EX
- Alliances
- Around the Storage Block
- HPE Ezmeral: Uncut
- OEM Solutions
- Servers & Systems: The Right Compute
- Tech Insights
- The Cloud Experience Everywhere
- HPE Blog, Austria, Germany & Switzerland
- Blog HPE, France
- HPE Blog, Italy
- HPE Blog, Japan
- HPE Blog, Middle East
- HPE Blog, Russia
- HPE Blog, Saudi Arabia
- HPE Blog, South Africa
- HPE Blog, UK & Ireland
-
Blogs
- Advancing Life & Work
- Advantage EX
- Alliances
- Around the Storage Block
- HPE Blog, Latin America
- HPE Blog, Middle East
- HPE Blog, Saudi Arabia
- HPE Blog, South Africa
- HPE Blog, UK & Ireland
- HPE Ezmeral: Uncut
- OEM Solutions
- Servers & Systems: The Right Compute
- Tech Insights
- The Cloud Experience Everywhere
-
Information
- Community
- Welcome
- Getting Started
- FAQ
- Ranking Overview
- Rules of Participation
- Tips and Tricks
- Resources
- Announcements
- Email us
- Feedback
- Information Libraries
- Integrated Systems
- Networking
- Servers
- Storage
- Other HPE Sites
- Support Center
- Aruba Airheads Community
- Enterprise.nxt
- HPE Dev Community
- Cloud28+ Community
- Marketplace
-
Forums
-
Blogs
-
Information
-
English
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
01-18-2021 01:39 AM - edited 01-18-2021 06:48 AM
01-18-2021 01:39 AM - edited 01-18-2021 06:48 AM
HP OfficeConnect 1820 Auto DOS (Prevent Invalid TCP Flags Attack) killing NFS4
Hi, our new HP OfficeConnect 1820 (48port) switch has been causing some troubles, and to get down to the bottom of the (random packet loss, connectivity) problems, I enabled the Auto DOS feature, hoping to get some log info in case something weird happens.
Well, weird stuff happend, but not as I expected. Luckily, we had to restart NFS connections soon after enabling the switch, and that failed (Ubuntu 18.04 -> Freenas 11.3). After trying a plethora of things, by chance we found out that using the "noresvport" function on the NFS shares works, at the expense of not using <1024 ports for NFS. After some more thoughts, we identified the "Auto DOS" feature as one of the things that changed - we switched that off, and all the sudden, NFS connections were possible, again. Specifically, it was the "Prevent Invalid TCP Flags Attack" which killed NFS - it would be great if HP engineers look into that, and also put out some logging info in case of attacks or other "dropping" info (log level set to debug, and all I get is admin login and some STP changes as if everything works fine). Also, with almost zero traffic (maybe 100mbit in total, when idle), the switch has 30+% CPU usage...
Software Version PT.02.09 Operating System Linux 3.6.5 Serial Number CN90GMX0PH
To add: Freenas is on baremetal, Ubuntu is on ESXi 6.5 - I'll try some packet captures later.
Seems to happen for other setups, too: https://forums.centos.org/viewtopic.php?t=65772
Cheers,
Bernhard
Hewlett Packard Enterprise International
- Communities
- HPE Blogs and Forum
© Copyright 2021 Hewlett Packard Enterprise Development LP