I would think that unless the packets went over a WAN connection, fragmentation wouldn't matter. The exception would be Kerberos which sets the do-not-frag bit...but then you'd always have the problem.

I would think there is a limit being reached either on the netapp or the firewall for # of rpc connections or open TCP ports to a single IP. My guess is that its on the Netapp side.

Sent from my Android phone, please excuse any tyops.

-----Original Message-----
From: Page, Jeremy [jeremy.page@gilbarco.com]
Received: Tuesday, 22 Mar 2011, 3:35pm
To: Robert McDermott [rmcdermo@fhcrc.org]; toasters@mathworks.com [toasters@mathworks.com]
Subject: Problems with too many cifs clients behind a single IP NAT device?

Just a WAG but what about packet fragmentation?

-----Original Message-----
From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com]
On Behalf Of Robert McDermott
Sent: Tuesday, March 22, 2011 1:41 PM
To: toasters@mathworks.com
Subject: Problems with too many cifs clients behind a single IP NAT
device?

We've encountered a problem were clients behind a NAT firewall device
are having intermittent problems accessing shares on the NetApp vfiler.
Clinets that are not behind the NAT firewall device have no problems.

We've switched out the OpenBSD NAT device with an F5 BigIP and the
problem still exists.

Do you know of a limitation of the NetApp to work correctly with
hundreds of CIFS clients coming from a single IP address?


It's a NetApp FAS3070 running OnTap 7.3.5P1.

Thanks,

-Robert

rmcdermo@fhcrc.org





Please be advised that this email may contain confidential
information.  If you are not the intended recipient, please notify us
by email by replying to the sender and delete this message.  The
sender disclaims that the content of this email constitutes an offer
to enter into, or the acceptance of, any agreement; provided that the
foregoing does not invalidate the binding effect of any digital or
other electronic reproduction of a manual signature that is included
in any attachment.