Pages

Tuesday, August 5, 2014

Packets dropped with "Server to client packet of an old UDP session" log on Tracker

Recently we encountered an issue with one of our printers. What we found out was that the printer was unable to communicate to the print server (which was behind a firewall :) ). The printer was behind a firewall too :) .
This was working fine on the previous week, but suddenly it stopped working. Obviously someone most have done something on either the printer end or on the server end.
When we looked through the firewall logs, what we observed was UDP 53213 is getting blocked on the Firewall close to the Print Server with the message "Server to client packet of an old UDP session". 
Restarting the printer didn't work. We couldn't reboot the print server as there were other sites that were using the same Print Server for printing.
So how did I resolve it? 
SIMPLE: Delete the connection entries for printer to print server, on the connections table on the firewall close to the Print Server.

I found the following article useful for this:
http://www.cpshared.com/forums/showthread.php?t=491

So the steps I followed were:
  1. SSH into the active member, and go to expert mode.
  2. Calculate the hex value for the source IP, destination IP, source port and destination port.
  3. Search for the connection entry in the connection table using the destination port.
    fw tab -t connections -u | grep cfdd
So the output was something similar to


      4. Delete the connection entry from the connection table.
fw tab -t connections -x -e "01,ac1130db,0000cfdd,0a60040a,0000cfdd,11"