For all you guys that are running a home lab and that are using the Cisco SG200-08 managed switch: you might, no, will run into problems when using NFS (on vSphere, Linux or whatever) in combination with firmware version 1.0.6.2. Firmware 1.0.6.2 is currently the latest version for the SG200-08: using this firmware results in some very weird behavior in regards to NFS:
- The network seems to be operating normally. Servers, storage devices etc. are all connected and don’t show any problem;
- You can ping your NFS share from the ESXi (or Linux) host;
- Your NFS shares show up as disconnected, when trying to connect to a new NFS share you get a message like “Unable to connect to NFS server”.
I als encountered the following behavior: When another switch is used to connect to the NFS shares, there’s no problem. After quickly switching network cables to the SG200-08 switch, NFS shares remain functional. So there seems to be a problem with creating an initial connection to the NFS share.
After a long search I luckily ran into this forum thread on the Cisco forums: SG200-08 Firmware Issue. To summarize conclusions from this rather lengthy post:
- The new firmware (1.0.6.2) will drop SYN packets from the privileged ports (all ports <1024).
- NFS used privileged ports, but the new firmware will drop the SYN packets.
- Cisco confirms that DOS control is enabled on firmware 1.0.6.2: all TCP SYN packet with source port 0-1023 are dropped.
- Unfortunately you cannot disable DOS control.
Two solutions (or workarounds) are available, wait for a new version of the firmware…this will ask a lot of patience, since the forum post is from march 2013 and there’s still no solution. Another option is to downgrade to firmware 1.0.5.1. I’ve downgraded my switch firmware and this immediately resolved the NFS problem.
So…are you running the SG200-08 and are you using NFS, don’t upgrade to 1.0.6.2 cause this firmware is rubbish. Are you running 1.0.6.2 and do you have NFS problems? For now, downgrade to firmware 1.0.5.1.
I will keep you posted when any updates are available!
5 Comments
James
This stumped me for ages, so thanks for posting this. I thought I’d inadvertantly let Ubuntu enable some wacky new kernel feature in an upgrade and only tried bypassing my SG-200 as a last resort.
Andrew
I’ve spent days troubleshooting NFS issues only to discover this junk SG200-08 was my problem. Thanks for confirming. I also tried upgrading firmware to 1.0.7.4 and it bricked the unit.
Luis
I had the same issue when mounting a NFS file system into my linux PC.
Then I could fix it by updating the Cisco switch firmware version to Release 1.0.8.3.
James
This took an entire day to track down. Who would suspect the switch as the culprit in this case? Took a lot of troubleshooting time. Super sad face.
Pingback: Cisco SG 200-08 8-Port Gigabit Layer 2 Managed Switch Review