My company is rolling out new credit card payment terminals across Canada and I have been monitoring them with Orion ICMP only since they do not support SNMP. I have noticed them dropping off the network from 2 to 13 minutes randomly. These are all located on remote networks running over 384K frame circuits.
I installed wireshark on a laptop and shipped it up there. After collecting data I noticed that the credit terminal ARP table was getting corrupted. After an ARP update, the ping request would hit the device and the echo response would take place but the destination MAC was corrupted. What was normally the router's Cisco MAC address, was now 53:6f:6c:61:72:57. Guess what that spells, 'solarw'. The first part of the data that Orion pings with. After a few minutes, and an ARP update, the problem corrects itself.
Has anyone had experience with Orion corrupting an ARP table? Does this sound possible? Is the data size that Orion pings with too much? It seems that the windows command line ping only uses 32 bytes of data rather than 65. I will try changing the data size to 32 bytes and see if that helps.
Any input would be appreciated. I have the manufacturer talking to their product team but it would be nice to know if it's Orion that could be at fault. You would think their device could handle a larger ping data size though...
Is there a reason to have data in the packet at all or is it just for identification purposes?
I thought I would keep it at 32 over the wekend and see if that helps but if it doesn't need anything in there I will eliminate it.
I deleted all the data and set it to zero bytes and it instantly detected all of my credit card devices as down. I put some data back in and they were reported as up.
I could still ping the devices from the server using the command line but the devices didn't like having a zero data packet.
Is Orion doing anything else that could cause the problems I am having?
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process. Learn more today by joining now.