Posts Tagged ‘network’

Companies. Make VPN Easy For Yourselves…….

Tuesday, March 29th, 2011

So I come to work for yet *another* company who have a 192.168.0.0/24 network on their LAN. It’s not that it’s a bad idea as such, but history had made me come to realise it can cause problems later on. How ?

Hint: most domestic vendors of home network equipment (be they switches, routers or something with ADSL built into them) tend to use either 192.168.0.0 /24, 192.168.1.0/24 or 192.168.254.0/24

Yup, if you have a home network, chances are that it and all your home devices are on ip addresses 192.168.0.something, or a 192.168.1.something, with a network mask of 255.255.255.0.

If you create a 192.168.0.0 or 192.168.1.0 network in your office environment and then try to connect to the office VPN from your home LAN, these identical networks are likely to clash. The communication kit involved cannot deal with there being x2 identical 192.168.x.x networks in x2 different locations at the same time. As result, stuff may not work correctly. For example, if I connect to th work LAN from home, once the VPN connection is established, I cannot connect to anything on my home network until I disconnect.

Admittedly I work in IT and can work around or put fixes in place. But imagine if I was a co-worker from say marketing, or sales, or, *gasp horror*, someone from senior management. I’m trying to connect to the office from home, but it not going according to the instructions you gave me because we both have a 192.168.1.0 network !

You can imagine the long and frustrating support call(s) that ensue with them trying to vaguely convey to you their setup and you gently smashing a fork into your forehead to try and keep from going insane.

The long term work around is this. If you absolutely must have /24 networks in the office (/24 is a nice size network and very easy to calculate in your head) then use anything other than 192.168. with a 255.255.255.0 network mask. What you use doesn’t matter. As long as you avoid 192.168.x.x, you will reduce the possibility of clashing with some home user LAN over a VPN connection at a later date.

more than x1 192.168.x.x network ?!?

Tags: ,
Posted in internet, networking, tcp/ip, vpn | 1 Comment »

Kaspersky NDIS 6 Filter Causes Network Loss…..

Wednesday, August 19th, 2009

We use Kaspersky for anti virus in the office. It’s an ok product, no better or worse than any others I have worked with. It did however turn out to be the cause of an issue that I was unable to figure out for a while now.

On x64 bit Vista systems, when moving large files across the network, the PC would suddenly loose it’s network connection. The network icon in the system tray would get a little yellow warning triangle on it and the status would indicate a connectivity issue.

It did not do this on systems that did not have kaspersky installed how ever. So I tried disabling the x2 Kaspersky services (anti virus and network agent). While this made the problem happen less, it did not go away completely, if I copied x3 or x4 large files (2gb+ in size each) at the same time, the network connection would drop again.

The problem was made even worse because there was no way to get the connection back without restarting the machine. Disabling and re-enabling the interface did not work, using netsh to reset the interface and winsock also did not work. The machine would become unstable and need a power cycle in the end.

I thought perhaps it was being caused by using bad network interface card drivers, so I downloaded the latest ones from the vendor web site but still the connection dropped under heavy load.

And then I spotted it. while checking the driver details for the network interface. kaspersky had added a protocol stack component that I knew nothing about, the ‘kaspersky NDIS 6 filter’.

kaspersky ndis 6 filter

kaspersky ndis 6 filter

Checking on the kaspersky site, it seems that this is a network level embedded packet interceptor. as packets arrive and leave the network card interface, the NDIS driver intercepts them for scanning to try to determin if the packet contains malicious content. It would seem that under heavy network load, the intercepts become too much and it trashes the network stack beyond repair.

Disabling this component by clearing it’s checkbox and unbinding it from the network stack seems to have fixed the issue and I was able to copy x8+ large files (2GB+) simultaneously without any connection issue. It also seems to have corrected a more minor issue I was experiencing with system pauses when network operations were happening.

I hope this helps anyone else having these issues.

Tags: , , ,
Posted in kaspersky, vista | 3 Comments »