Comodo CIS + Jumbo Frames?

G’day All,

I apologise if this has been asked before but I did do a search and it came back with nothing found.

The issue I have is that with Comodo CIS installed I can’t get Jumbo Frames to work and the MTU is always set to 1500. If Comodo CIS is not installed, then Jumbo Frames work and I can get an MTU > 1500.

My setup is

PC - 32bit XP SP3 with latest updates
Comodo CIS - 3.10.102363.531 (Firewall and Defence+)
NAS - Thecus 5200BPro

PC is connected directly to NAS - no switches involved. I have multiple 1Gb Intel NICs on the PC which are teamed and connected to the 2 ports on the NAS via 802.3ad link aggregation.

With Comodo CIS installed, TCP-Z tells me I have an MTU of 1500. With Comodo CIS not installed, TCP-Z tells me I have a MTU > 1500 (depending on Jumbo Frame size I set on the PC Intel NICs and NAS)

To test jumbo frames were working I pinged from the PC to the NAS using

ping 192.168.2.1 -f -l 2000

The above command returns “packet needs to be fragmented but DF set” with Comodo CIS installed, and succeeds when Comodo CIS is not installed.

When Comodo CIS was installed, I tested

  1. Unchecking “blocked fragmented IP datagrams”
  2. Unchecking “do protocol analysis”
  3. Setting very promiscuous firewall rules
  4. Disabling firewall
  5. Disabling defence+
  6. Various combinations of the above

and I could never get Jumbo Frames to work - MTU would always be set to 1500. The only way I could get Jumbo Frames to work was to uninstall Comodo CIS.

And yes I will be unteaming my NICs to do further testing but I don’t believe the 802.3ad link aggregation is the issue here. This is because in the past when I only had a single 1Gb connection to the NAS, when testing throughput from the PC to the NAS, enabling Jumbo Frames didn’t make a difference in throughput (I always found that result curious) and I believe this was because I had Comodo firewall installed on the PC.

So my question is…has anybody got Comodo CIS to work with Jumbo Frames?

Cheers
Teck

I’m not 100% sure but i think this is caused by the firewall filter driver.

I don’t think CIS is Jumbo Frames aware on this moment, it’s also not to common for a “normal” PC to have teaming and use Jumbo Frames, by which i am not saying your config is abnormal but this is the very first case of Jumbo Frames i have seen here, are you doing a lot of video editing or something similar ?

You can check this behavior by installing CIS without the firewall, if it still works then it’s caused by the firewall driver.