Aargh Eset Firewall Bug prevents usage of Jumbo frames

Sometime ago I had a play with Jumbo frames and it wouldn't work so I gave up for a while but decided to come back too it this weekend.

I've got a small gigabit network and I move large files around it and also backup across it. I noticed the speed was slow hence looking into Jumbo frames.

Neither Vista or XP would work i disabled the firewall version 3 of Smart security but it still wouldn't work.

In the meantime I also introduced two linux boxes and noticed that the transfer between them was a good 40 mb/sec faster than the XP or Vista/XP dual boot machine.

So after messing around with some network tweaks still no go. I returned too Jumbo frames. Despite a direct connection between two machines Jumbo frames wouldn't work and the packets always were fragmented.

Annoyed I reset the tcp/ip stack which promptly broke Eset firewall so I removed it and bingo I could use Jumbo frames. I re-installed version 4 and jumbo frames stopped working. I disabled the firewall and still wouldn't work. I then went into system settings and disabled system integration and jumbo frames worked.

Clearly Eset have been taking lessons from other software vendors and disable doesn't mean disable as it should.

On the other XP machine was Version three that wouldn't work at all and I couldn't see an option too remove from the system.

So I removed version three installed ver four and jumbo frames still wouldn't work.

Removed ver four again and fixed the winsock rebooted and reinstalled ver 4 and then disabled the firewall altogether. Bingo Jumbo frames worked.

Next stage was to check network transfer and this was now back too 60 to 80 mb/s on the faster machine and 40 -50 mb's on the second slightly slower pc.

I'm now on the windows firewall wondering when Eset are going to fix there firewall to allow jumbo frames Or is there a firewall rule that's blocking this which i don't know about

If you have a network and you're using jumbo frames it may not actually be working. the firewall doesn't say it isn't and doesn't log an errors.

Too check you need to ping "address of another machine" -f -l 2000
If you get a message saying the packets needs to be fragmentated but the flag is set this means Eset is preventing the transmission.

Forgot to mention these were the latest versions of eset smart respectively.

 

One advantage of having no firewall bar the windows one is that Firefox works without any of those annoying pauses.

 

Noticed another plus for no eset firewall. I can open my routers configuration page straight away now.

 

Well Eset tech support are trying too solve the issue but I got a feeling they don't understand want Jumbo Frames are and what effect they have on traffic across the network.

 

Maybe the lack of response is due to the fact that this is not a consistent problem? I was able to transfer files at 90 mb/s a couple days ago, ESS installed on 1 of the machines. But then again there are times I was getting a definite slow down, and disabling the firewall would speed things up noticeably.

 

Constant with me.
Anyway downloaded just nod32 so if they have given up responding I'll remove smart security until jumbo frame support is enabled.
Have you checked that Jumbo frames is actually working for you

 

Hello The PIT,

Is there a reason that you are running Smart Security over NOD32 on your set-up? Have you tried using ESET NOD32 Antivirus instead of Smart Security?

Thank you,
Richard

 

I just wanted a better firewall than the windows one. Anyway I have gone back to nod32 antivirus although during the process I managed to kill one of fritz chess engines. Dunno how well I presume I did it by accidentally opening the program while install nod32. The Thunderbird icon and the chess icon are similar and close.

 

Apparently even the ESET moderators don't believe in their product. This is like the tenth time I have seen a moderator question a customer's wisdom about using ESET Smart Security vs just NOD32. Apparently the message is don't buy our Smart Security package. If you do, turn off the firewall and use a competitor's program.

I'm going to find a way to contact ESET bypassing this forum. I want to talk to the boss and show him or her some of these posts. I want several people fired, like yesterday!

Further, I think all of us having problems with the firewall whether it be Vista SP 2 related, or Windows 7 should post often and everywhere that ESET is a company where the failure to provide reliable software and effective customer service will certainly cost them there ability to be profitable.

 

I didn't even have to look too hard for who to contact at ESET. As you can see from ESET's own press release the guy to let know that we are not happy is Mr. Anton Zajac, ESET CEO. 610 West Ash Street
Suite 1900
San Diego, CA USA 92101
619-876-5400

I have already printed off the posts I feel Mr. Zajac needs to see, which basically say take a hike. I hope you join me in letting him know of your dissatisfaction as well.

 

Hello,

I understand that one of ESET's technical support engineers is investigating the issue with packet fragmentation when using jumbo frames on GbE connections. I am confident that when he has finished testing, he will let you know the results.

One of the basic precepts of troubleshooting problems, especially ones involving complicated configurations,is to attempt to determine the domain of the problem. While ESET NOD32 Antivirus does not include an NDIS-layer firewall like ESET Smart Security does, it does scan files at the TDI layer, so trying to determine if the packet fragmentation is specific to NDIS-layer or TDI-layer scanning will be helpful in figuring out if the problem is common across both products or specific to ESET Smart Security's interception at the NDIS level.

Regards,

Aryeh Goretsky

 

Hello garryh,

I am sorry that you are not satisfied with the quality of our support. I am simply taking the basic steps in troubleshooting this instance. My intentions are not to shut down the user. I would also like to see if the issue persists with EAV running in a networked environment with the customers configuration, I feel that it wont. That info can assist in finding the resolution. Also, one of our customer support engineers is handling this customer's case. I spoke with the representative before posting my questions, we are working with the QA team to test the customers issue so that we can troubleshoot it and find a solution.

If you have specific complaints about our moderator staff I would like to follow up with you. I have sent you a PM.

Thank you,
Richard

 

Yup they've come back to me. I'm just waiting for them to verify what logging is needed in the firewall because I've looked and there hasn't been anything logged at all.

By the way theres no problem with nod32 on it's own

 

Well I started to do some diagnostics as requested eset and the firewall gave up the ghost.
So I removed it fixed the ip stack via microsofts website then ran the Esets uninstaller and then re-installed.
Firewall back up and running tried the ping the machine in question no response.
Yet I could ping the other way.
Disabled the firewall again and I could ping the pc with smart security on. I then made the mistake of disabling the firewall totally and this broke the firewall again when I re-enabled it.
At that point I had enough and removed altogether and I've gone back nod32 on it's own until some future point.
However Eset did try and solve the issue for me and I'm thankful for there efforts but at this rate it's going to take me all evening just to send them a log file. I appreciate there efforts.