I would think that unless the packets went over a WAN connection, fragmentation wouldn't matter. The exception would be Kerberos which sets the do-not-frag bit...but then you'd always have the problem.
I would think there is a limit being reached either on the netapp or the firewall for # of rpc connections or open TCP ports to a single IP. My guess is that its on the Netapp side.
Sent from my Android phone, please excuse any tyops.
-----Original Message----- From: Page, Jeremy [jeremy.page@gilbarco.com] Received: Tuesday, 22 Mar 2011, 3:35pm To: Robert McDermott [rmcdermo@fhcrc.org]; toasters@mathworks.com [toasters@mathworks.com] Subject: Problems with too many cifs clients behind a single IP NAT device?
Just a WAG but what about packet fragmentation?
-----Original Message----- From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] On Behalf Of Robert McDermott Sent: Tuesday, March 22, 2011 1:41 PM To: toasters@mathworks.com Subject: Problems with too many cifs clients behind a single IP NAT device?
We've encountered a problem were clients behind a NAT firewall device are having intermittent problems accessing shares on the NetApp vfiler. Clinets that are not behind the NAT firewall device have no problems.
We've switched out the OpenBSD NAT device with an F5 BigIP and the problem still exists.
Do you know of a limitation of the NetApp to work correctly with hundreds of CIFS clients coming from a single IP address?
It's a NetApp FAS3070 running OnTap 7.3.5P1.
Thanks,
-Robert
rmcdermo@fhcrc.org
Please be advised that this email may contain confidential information. If you are not the intended recipient, please notify us by email by replying to the sender and delete this message. The sender disclaims that the content of this email constitutes an offer to enter into, or the acceptance of, any agreement; provided that the foregoing does not invalidate the binding effect of any digital or other electronic reproduction of a manual signature that is included in any attachment.