For all you guys that are running a home lab and that are using the Cisco SG200-08 managed switch: you might, no, will run into problems when using NFS (on vSphere, Linux or whatever) in combination with firmware version 18.104.22.168. Firmware 22.214.171.124 is currently the latest version for the SG200-08: using this firmware results in some very weird behavior in regards to NFS:
- The network seems to be operating normally. Servers, storage devices etc. are all connected and don’t show any problem;
- You can ping your NFS share from the ESXi (or Linux) host;
- Your NFS shares show up as disconnected, when trying to connect to a new NFS share you get a message like “Unable to connect to NFS server”.
I als encountered the following behavior: When another switch is used to connect to the NFS shares, there’s no problem. After quickly switching network cables to the SG200-08 switch, NFS shares remain functional. So there seems to be a problem with creating an initial connection to the NFS share.
After a long search I luckily ran into this forum thread on the Cisco forums: SG200-08 Firmware Issue. To summarize conclusions from this rather lengthy post:
- The new firmware (126.96.36.199) will drop SYN packets from the privileged ports (all ports <1024).
- NFS used privileged ports, but the new firmware will drop the SYN packets.
- Cisco confirms that DOS control is enabled on firmware 188.8.131.52: all TCP SYN packet with source port 0-1023 are dropped.
- Unfortunately you cannot disable DOS control.
Two solutions (or workarounds) are available, wait for a new version of the firmware…this will ask a lot of patience, since the forum post is from march 2013 and there’s still no solution. Another option is to downgrade to firmware 184.108.40.206. I’ve downgraded my switch firmware and this immediately resolved the NFS problem.
So…are you running the SG200-08 and are you using NFS, don’t upgrade to 220.127.116.11 cause this firmware is rubbish. Are you running 18.104.22.168 and do you have NFS problems? For now, downgrade to firmware 22.214.171.124.
I will keep you posted when any updates are available!