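[Question] FortiGate packet capture is incomplete
Good evening, everyone.
While trying to resolve an application-layer connection problem on a FortiGate,
I found that by default the FG uses the ASIC/NPU to offload packet processing from the CPU,
so packet captures come out incomplete.
The commands below turn off ASIC offload
so that a given policy is captured entirely by the CPU; the official site says this captures everything.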
config firewall policy
edit <policy_id>
set auto-asic-offload disable
next
end
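In practice, though, after turning off auto-asic-offload,
some sessions are captured completely and some are not.
A complete capture means every packet is captured, from the TCP 3-way handshake to the final TCP 4-way teardown.
In Wireshark I also found that some Ethernet frames larger than 1514 bytes are captured incompletely,
while frames smaller than 1514 bytes are captured completely.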
config system interface
edit <interface_name>
set mtu <new_mtu>
next
end
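I have two questions:
1. After disabling ASIC offload the capture is still incomplete; is this a problem with the default MTU of 1500 bytes?
2. For set mtu <new_mtu> as above, what value is recommended for <new_mtu>? 9000 bytes? The firewall has multiple physical interfaces; do all of them need to be changed?
Thank you.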
--
※ Origin: 批踢踢實業坊 (ptt.cc), From: 36.230.72.89 (Taiwan)
※ Article URL: https://www.ptt.cc/bbs/MIS/M.1759494530.A.801.html
※ Edited: kino818 (36.230.72.89 Taiwan), 10/03/2025 20:33:48
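
An added example, not part of the original post: a Python check that reads a capture exported as a classic pcap file and reports, per frame, whether the stored length is shorter than the on-wire length (bytes dropped at capture time) or whether a frame larger than 1514 bytes was stored whole. The names scan_pcap and build_sample and the sample capture are constructed for illustration; pcapng files are assumed to be converted first.

```python
import struct

ETH_MAX_FRAME = 1514  # 1500-byte payload + 14-byte Ethernet header (no FCS)
LE_MAGICS = (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1")  # usec / nsec timestamps
BE_MAGICS = (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d")

def scan_pcap(data):
    """Return (snaplen, findings) for a classic libpcap file held in memory.

    Each finding is (frame_no, wire_len, captured_len, verdict).
    """
    if data[:4] in LE_MAGICS:
        endian = "<"
    elif data[:4] in BE_MAGICS:
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    # Global header: magic, major, minor, thiszone, sigfigs, snaplen, linktype
    snaplen = struct.unpack(endian + "IHHiIII", data[:24])[5]
    findings, offset, frame_no = [], 24, 0
    while offset + 16 <= len(data):
        # Record header: ts_sec, ts_frac, incl_len (stored), orig_len (on wire)
        _, _, incl_len, orig_len = struct.unpack(endian + "IIII", data[offset:offset + 16])
        frame_no += 1
        offset += 16 + incl_len
        if offset > len(data):
            findings.append((frame_no, orig_len, incl_len, "file-cut-short"))
            break
        if incl_len < orig_len:
            # Bytes were dropped when the frame was written, not on the network
            findings.append((frame_no, orig_len, incl_len, "truncated"))
        elif orig_len > ETH_MAX_FRAME:
            findings.append((frame_no, orig_len, incl_len, "oversize-complete"))
    return snaplen, findings

def build_sample(snaplen=1600, wire_lens=(74, 1514, 2974)):
    """Constructed capture for the demo: zero-filled frames, Ethernet linktype."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for ts, orig_len in enumerate(wire_lens):
        incl_len = min(orig_len, snaplen)
        out += struct.pack("<IIII", ts, 0, incl_len, orig_len) + bytes(incl_len)
    return out

if __name__ == "__main__":
    snaplen, findings = scan_pcap(build_sample())
    print("snaplen:", snaplen)
    for frame_no, wire, captured, verdict in findings:
        print(f"frame {frame_no}: wire={wire} captured={captured} -> {verdict}")
```

A "truncated" verdict means the capture stored fewer bytes than were on the wire; "oversize-complete" means a frame above 1514 bytes was stored in full.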