Packet dropped as IP Sanity test failed
03/26/2020
According to RFC 791 (the IP protocol), Fragmentation and Reassembly section, every internet module must be able to forward a datagram of 68 octets without further fragmentation. This is because an internet header may be up to 60 octets, and the minimum fragment is 8 octets. So if the packet size is less than 68 bytes, SonicWall drops the packet because it fails the IP sanity check. To work with these kinds of non-standard IP implementations, enable "Allow first fragment of size lesser than 68 bytes" in the internal settings.
Note: Testing was done on firmware version 184.108.40.206. The drop codes in this screenshot are therefore referenced from the 220.127.116.11 firmware only.
Step 1: Do a Packet capture and export the packet capture in HTML and Libpcap format.
Step 2: Check for the Drop code and Module ID, 25 and 26 respectively (18.104.22.168).
Step 3: Export the Capture in the libpcap format and check for the size of the IP fragmented packet.
In the above attached image we can observe that the size of the packet is 24 bytes (<68 bytes), so the SonicWall is dropping the packet.
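The size check in Step 3 can also be scripted against the exported libpcap file. The following is an added example, not SonicWall code: it assumes a classic libpcap file with Ethernet framing, and it treats a "first fragment" as an IPv4 packet with the More Fragments bit set and fragment offset 0, compared against the 68-octet figure from RFC 791. The function names and the sample capture are constructed for illustration.

```python
import struct

MIN_FIRST_FRAGMENT = 68  # RFC 791: 60-octet maximum header + 8-octet minimum fragment

def small_first_fragments(pcap_bytes):
    """Return (frame_no, src, dst, ip_total_length) for first fragments under 68 bytes."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap_bytes[:4])
    if endian is None:
        raise ValueError("not a classic libpcap file")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    hits, pos, frame_no = [], 24, 0
    while pos + 16 <= len(pcap_bytes):
        # Per-record header: ts_sec, ts_usec, captured length, original length
        _, _, incl_len, _ = struct.unpack(endian + "IIII", pcap_bytes[pos:pos + 16])
        frame = pcap_bytes[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len
        frame_no += 1
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated record or not IPv4
        ip = frame[14:]
        total_len, _, frag = struct.unpack("!HHH", ip[2:8])
        more_fragments, offset = bool(frag & 0x2000), frag & 0x1FFF
        if more_fragments and offset == 0 and total_len < MIN_FIRST_FRAGMENT:
            src = ".".join(map(str, ip[12:16]))
            dst = ".".join(map(str, ip[16:20]))
            hits.append((frame_no, src, dst, total_len))
    return hits

def _frame(total_len, frag_field):
    """Constructed Ethernet + IPv4 frame; addresses come from documentation ranges."""
    eth = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 1, frag_field, 64, 17, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    return eth + ip + b"\x00" * (total_len - 20)

def sample_capture():
    """Constructed capture: 24-byte first fragment, 1500-byte first fragment, unfragmented packet."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in (_frame(24, 0x2000), _frame(1500, 0x2000), _frame(40, 0)):
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for hit in small_first_fragments(sample_capture()):
        print("frame %d: %s -> %s, IP total length %d (< 68)" % hit)
```

To check a real export, pass the file's bytes to `small_first_fragments`, for example `open(path, "rb").read()`.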