A strange packet loss in a switching environment.
I have a switching environment with four switches as the diagram showing below. SW1 and SW2 are two Cisco 6509-E switches, SW3 and SW4 are two Cisco 4848E switches, Host 1 and Host 2 are Solaris servers.
The original issue reported was that the SSH session between two servers were not be able to established. Tcpdump result on the servers indicated there was packet loss in the network. Instead of randomly lost some of the packets, only specific packets were lost in the network.
When running ssh server on Host2 and running ssh client on Host1, the Diff-Hellman Key Exchange Reply packet from Host2 to Host1 was lost.
When running ssh server on Host1 and running ssh client on Host2, the Diff-Hellman GEX Init pakcet from Host2 to Host1 was lost.
There are no ACL configured on the switch interfaces.
The packet loss seems targeted for Diff-Hellman related packets, which is really weird. Does any one know why it happened?
I work with the individual reporting this issue and turns out a bad line card on the 6509-E where these 4948e access switches trunk to is the ultimate root cause. I don't believe there were any syslog or other indicators of the failure and it was semi-masked by the fallout being dependent on where the VLAN roots were homed so it wasn't consistent. Ultimately when the VLAN roots were reviewed in-depth, it did make complete sense on the impact being seen on just some access switches and ports and not others.
I believe I've written up all the pertinent facts here or perhaps left a few out and they will be filled in or corrected later.
Similar Messages
-
Hi all,
I am having a strange issue with my macbookpro recently. Here is the situation.
I have the TP-LINK wireless router both at home and work. IP address of this unit is 192.168.3.1 at home.
Recently i noticed a very high level of packet loss (60-70%) from my macbook pro when i pinged the default GW wireless router. I first thought its a wireless issue and tried debuging the issue from that end. I used my brother's macbook and he wasnt having this packet loss when i pinged from his terminal.
I then very randomly connected to my remote VPN server and noticed that the packetloss has disappeared when the VPN is connected and ping a remote IP such as 8.8.8.8.
Now i have two terminals running, one with a normal ping to 8.8.8.8 which goes via VPN and has 0% packet loss. Another terminal running a ping via interface en1 outside of the VPN interface using "ping -S 192.168.3.102 192.168.3.1" and this terminal is showing the same 60% packet loss.
Also strangely, this issue is only noticed at home router and not at work. At work the normal connection without VPN works fine.
I am at loss for ideas what could be causing this issue all of the sudden when the same settings were fine for over a year.
Any ideas?
ThanksNo solutions yet... I doubt this is a hardware matter as the packet loss goes away almost instantly when i switch on the VPN or simply move to other networks... The strangest thing is the VPN connection that solves the packet loss.. One thinks if VPN is overlaying on en1 to make its connection, how come the packetloss ceases to exist once there is a peer2peer connecton active to the same interface with the packet loss issue. Very strange indeed.
I thought also this could only be a ICMP issue (ping protocol) however ever the browsing slows down when im normally connected to this network.
In some awkward way im happy someone else is reporting this as I thought this is a weird enough problem for no one to comment on for yearly 10 days...
Im going to run a tcpdump to see if there is anything strange moving abount on my interfaces whilst there is a packet loss... will inform if any interesting results appeared... -
Packet loss when pinging from/to a cisco 3560e switch
I see Packet loss when pinging from/to a cisco 3560e switch. CPU utilization is normal.
Switches are running with IOS c3560e-universalk9-mz.122-35.SE5.bin.
Packet loss is observed for all the devices irrespective of directly connected or remote devices.
If i do self pinging, there are no packet loss.
I don't see any error on interface.
Can anyone please help me in resolving this issue.TCB Local Address Foreign Address (state)
03737C48 10.47.0.229.60053 10.41.81.55.49 CLOSEWAIT
039ACDC4 10.47.0.229.61929 10.41.35.250.49 CLOSEWAIT
03B316C0 10.47.0.229.27544 10.41.81.55.49 CLOSEWAIT
038228F0 10.47.0.229.16506 10.41.35.250.49 CLOSEWAIT
039C3D04 10.47.0.229.15207 10.41.81.55.49 CLOSEWAIT
039A9BD0 10.47.0.229.52983 10.41.81.55.49 CLOSEWAIT
0394152C 10.47.0.229.22425 161.61.35.250.49 CLOSEWAIT
037D811C 10.47.0.229.21117 10.41.81.55.49 CLOSEWAIT
039C12BC 10.47.0.229.37437 10.41.81.55.49 CLOSEWAIT
03933B84 10.47.0.229.34085 161.61.35.250.49 TIMEWAIT
03B32340 10.47.0.229.45729 10.41.81.55.49 CLOSEWAIT
038247D0 10.47.0.229.32816 10.41.81.55.49 CLOSEWAIT
039A92D8 10.47.0.229.38680 161.61.35.250.49 CLOSEWAIT
037370F0 10.47.0.229.13212 10.41.81.55.49 CLOSEWAIT
037D85F0 10.47.0.229.38728 10.41.81.55.49 CLOSEWAIT
03B2B284 10.47.0.229.23428 10.41.81.55.49 CLOSEWAIT
03B2ADB0 10.47.0.229.56836 10.41.81.55.49 CLOSEWAIT
0394BFF0 10.47.0.229.23257 161.61.35.250.49 CLOSEWAIT
036604DC 10.47.0.229.44437 10.41.81.55.49 CLOSEWAIT
0394C700 10.47.0.229.22 192.37.184.211.61639 ESTAB
039B9A68 10.47.0.229.20543 10.41.81.55.49 CLOSEWAIT
03739B28 10.47.0.229.15392 10.41.81.55.49 CLOSEWAIT
TCB Local Address Foreign Address (state)
0392EA48 10.47.0.229.13862 10.41.81.55.49 CLOSEWAIT
0365E23C 10.47.0.229.27856 10.41.81.55.49 CLOSEWAIT
03817C0C 10.47.0.229.64929 10.41.81.55.49 CLOSEWAIT
039357C8 10.47.0.229.22088 10.41.81.55.49 CLOSEWAIT
037375C4 10.47.0.229.21832 10.41.81.55.49 CLOSEWAIT
039C20E8 10.47.0.229.18169 10.41.81.55.49 CLOSEWAIT
03716D08 10.47.0.229.61993 10.41.81.55.49 CLOSEWAIT
039A74E4 10.47.0.229.62948 10.41.81.55.49 CLOSEWAIT
03655480 10.47.0.229.14052 10.41.81.55.49 CLOSEWAIT
039407F0 10.47.0.229.49643 161.61.35.250.49 CLOSEWAIT
039A53AC 10.47.0.229.13233 10.41.81.55.49 CLOSEWAIT
03739FFC 10.47.0.229.16605 10.41.81.55.49 CLOSEWAIT
039B82B8 10.47.0.229.16458 10.41.35.250.49 CLOSEWAIT
039BEBA4 10.47.0.229.64377 10.41.81.55.49 CLOSEWAIT
03741980 10.47.0.229.13866 10.41.81.55.49 CLOSEWAIT
03B3ABF8 10.47.0.229.19365 10.41.81.55.49 CLOSEWAIT
039B5810 10.47.0.229.24768 10.41.81.55.49 CLOSEWAIT
03956E48 10.47.0.229.55980 161.61.35.250.49 CLOSEWAIT
03946820 10.47.0.229.65053 161.61.35.250.49 CLOSEWAIT
037DBE94 10.47.0.229.15283 10.41.81.55.49 CLOSEWAIT
039A4854 10.47.0.229.48562 10.41.81.55.49 CLOSEWAIT
TCB Local Address Foreign Address (state)
03B33320 10.47.0.229.29803 10.41.81.55.49 CLOSEWAIT
03B3B79C 10.47.0.229.12142 10.41.81.55.49 CLOSEWAIT
03713C9C 10.47.0.229.63799 10.41.81.55.49 CLOSEWAIT
039BBECC 10.47.0.229.14763 10.41.81.55.49 CLOSEWAIT
03656E40 10.47.0.229.16357 10.41.81.55.49 CLOSEWAIT
0362A73C 10.47.0.229.62450 10.41.81.55.49 CLOSEWAIT
039B878C 10.47.0.229.64402 161.61.35.250.49 CLOSEWAIT
03826CFC 10.47.0.229.16108 10.41.81.55.49 CLOSEWAIT
03B2CA34 10.47.0.229.17634 10.41.81.55.49 CLOSEWAIT
03AD78D0 10.47.0.229.15249 161.61.35.250.49 CLOSEWAIT
03AD967C 10.47.0.229.20389 161.61.35.250.49 CLOSEWAIT
03B2C560 10.47.0.229.37079 10.41.81.55.49 CLOSEWAIT
039C5128 10.47.0.229.24711 10.41.81.55.49 CLOSEWAIT
03822F74 10.47.0.229.54866 10.41.81.55.49 CLOSEWAIT
0372C5FC 10.47.0.229.13298 10.41.81.55.49 CLOSEWAIT
0372D278 10.47.0.229.12407 10.41.81.55.49 CLOSEWAIT
039A33D0 10.47.0.229.36573 10.41.81.55.49 CLOSEWAIT
039BCEF8 10.47.0.229.53853 10.41.81.55.49 CLOSEWAIT
039C02D8 10.47.0.229.53725 10.41.81.55.49 CLOSEWAIT
039B5CE4 10.47.0.229.58027 10.41.81.55.49 CLOSEWAIT
0381866C 10.47.0.229.17100 10.41.81.55.49 CLOSEWAIT
TCB Local Address Foreign Address (state)
039BB374 10.47.0.229.53148 10.41.81.55.49 CLOSEWAIT
03AD3634 10.47.0.229.19716 161.61.35.250.49 CLOSEWAIT
0362DAA4 10.47.0.229.19479 10.41.81.55.49 CLOSEWAIT
0365AE60 10.47.0.229.62209 10.41.81.55.49 CLOSEWAIT
0362D5D0 10.47.0.229.41327 10.41.81.55.49 CLOSEWAIT
037D7C48 10.47.0.229.58283 10.41.81.55.49 CLOSEWAIT
03955474 10.47.0.229.33810 161.61.35.250.49 CLOSEWAIT
0373B15C 10.47.0.229.23331 10.41.81.55.49 CLOSEWAIT
036628D0 10.47.0.229.46856 10.41.81.55.49 CLOSEWAIT
03819584 10.47.0.229.19861 10.41.81.55.49 CLOSEWAIT
0394D000 10.47.0.229.64732 10.41.35.250.49 CLOSEWAIT
0394B760 10.47.0.229.19967 161.61.35.250.49 CLOSEWAIT
039B6BD4 10.47.0.229.40096 10.41.81.55.49 CLOSEWAIT
03AD7150 10.47.0.229.65184 10.41.35.250.49 CLOSEWAIT
039BC3A0 10.47.0.229.64702 10.41.81.55.49 CLOSEWAIT
03B3A724 10.47.0.229.60399 10.41.81.55.49 CLOSEWAIT
037145E0 10.47.0.229.43951 10.41.81.55.49 CLOSEWAIT
03955EDC 10.47.0.229.29015 161.61.35.250.49 TIMEWAIT
0365FB34 10.47.0.229.13961 10.41.81.55.49 CLOSEWAIT
03828D54 10.47.0.229.12743 10.41.81.55.49 CLOSEWAIT
037DB40C 10.47.0.229.23708 10.41.81.55.49 CLOSEWAIT
TCB Local Address Foreign Address (state)
039AF814 10.47.0.229.15100 10.41.81.55.49 CLOSEWAIT
0392E344 10.47.0.229.23399 10.41.35.250.49 CLOSEWAIT
0393DC3C 10.47.0.229.15393 161.61.35.250.49 CLOSEWAIT
03AD85D0 10.47.0.229.40932 161.61.35.250.49 TIMEWAIT
039574CC 10.47.0.229.25935 10.41.35.250.49 CLOSEWAIT
03738B74 10.47.0.229.58656 10.41.81.55.49 CLOSEWAIT
039AD91C 10.47.0.229.56760 10.41.81.55.49 CLOSEWAIT
03B3BC70 10.47.0.229.15058 10.41.81.55.49 CLOSEWAIT
03B2DC54 10.47.0.229.51131 161.61.35.250.49 CLOSEWAIT
03B393F0 10.47.0.229.11957 10.41.35.250.49 CLOSEWAIT
039B2610 10.47.0.229.33728 10.41.81.55.49 CLOSEWAIT
03B311EC 10.47.0.229.18047 10.41.81.55.49 CLOSEWAIT
039A8E04 10.47.0.229.52022 161.61.35.250.49 CLOSEWAIT
0365D460 10.47.0.229.12241 10.41.81.55.49 CLOSEWAIT
03B33E78 10.47.0.229.47640 10.41.81.55.49 CLOSEWAIT
0372C128 10.47.0.229.60323 10.41.81.55.49 CLOSEWAIT
03661CD8 10.47.0.229.39923 10.41.81.55.49 CLOSEWAIT
0393C73C 10.47.0.229.41864 10.41.35.250.49 CLOSEWAIT
03829584 10.47.0.229.56673 161.61.35.55.49 CLOSEWAIT
0362AC10 10.47.0.229.31952 10.41.81.55.49 CLOSEWAIT
039BF078 10.47.0.229.22636 10.41.81.55.49 CLOSEWAIT
TCB Local Address Foreign Address (state)
0365CF8C 10.47.0.229.14476 10.41.81.55.49 CLOSEWAIT
039B443C 10.47.0.229.59226 10.41.81.55.49 CLOSEWAIT
0393E794 10.47.0.229.56282 10.41.35.250.49 CLOSEWAIT
03657740 10.47.0.229.25769 10.41.81.55.49 CLOSEWAIT
03B2F6E8 10.47.0.229.19328 10.41.81.55.49 CLOSEWAIT
0373AC88 10.47.0.229.25766 10.41.81.55.49 CLOSEWAIT
039B213C 10.47.0.229.28882 10.41.81.55.49 CLOSEWAIT
039C07AC 10.47.0.229.38201 10.41.81.55.49 CLOSEWAIT
03AD8DD0 10.47.0.229.23002 10.41.35.250.49 CLOSEWAIT
03739048 10.47.0.229.29572 10.41.35.250.49 CLOSEWAIT
039BA464 10.47.0.229.32273 10.41.81.55.49 CLOSEWAIT
03B31E6C 10.47.0.229.32521 10.41.81.55.49 CLOSEWAIT
0365EBE0 10.47.0.229.41319 10.41.81.55.49 CLOSEWAIT
03938804 10.47.0.229.62841 10.41.35.250.49 CLOSEWAIT
039A1AF8 10.47.0.229.12758 10.41.81.55.49 CLOSEWAIT
039B7DE4 10.47.0.229.20921 10.41.81.55.49 CLOSEWAIT
036549F8 10.47.0.229.51903 10.41.81.55.49 CLOSEWAIT
03714CC8 10.47.0.229.45145 10.41.81.55.49 CLOSEWAIT
037425F8 10.47.0.229.56492 10.41.81.55.49 CLOSEWAIT
03B39D74 10.47.0.229.18174 10.41.81.55.49 CLOSEWAIT -
WIFI Packet Loss/Jitter MacBook Air 11 & LION OSX 10.7.1
I started using computers more than 30 years ago when I was 5, I had my first IBM PC at the age of 10 and have never had any interest in paying over the odds for an Apple mac mainly because I saw the Mac as a kind of "Can't open nothing", one mouse buttoned retard of the computer world.
That is, until now.
I set up an online business 3 years ago and rented a dedicated server and set the whole business up in a cloud, so to speak. Having done that, all I needed a laptop for was a remote desktop connection and to run a SIP phone (Internet phone).
My PC based laptops had almost nothing installed on them, and I wasn't using software on the laptop itself, I was using remote desktop, so - why not try a MAC? The new Macbook Air 11 is small, light and made of metal and glass so should be robust enough to travel with me.
I have to say, this was the worst move I've ever made.
I opened the new shiny macbook and the first thing I noticed was that the internet seemed hit and miss. Moving around the room I managed to find a spot whereby pages woud load quickly. Strange, my £200 acer laptop was sh.t fast everywhere in the house. No matter, I packed it back away and carried on working on the Windows machine.
I've come to Newquay this week, and i've started to try and use the Macbook again in a hotel. The wireless signal in the room is low, and speedtest shows about 1 meg down and 3/4 meg up. That may sound bad to you, but remote desktop uses about 5k/sec (modem dial up speed) and the softphone, well, my Asterisk VOIP setup is confugured to use the GSM codec so that's 8k/sec each way + overheads.
This whole setup was deliberately designed to be "thin" so I can travel with ease and work on bad connections like USB internet sticks.
Anyhow, the Macbook was unable to hold a stable connection to the remote desktop or SIP phone, even though the speed test showed a whopping 1 meg up and down. What you may not be aware of is that there is more to a connection than the speed, there is the quality as well. How many packets are lost / how much "jitter" is on the line.
Anyhow, we're not living in the 3rd world, I ran a PINGTEST and it showed a small amount of jitter but told me the line was class B, online games may suffer but voip should be fine.
I unpacked the Acer, placed it in exactly the same spot as the Apple had sat in and it worked beautifully with 1 bar of wireless signal, all day long. Phone calls were clear.
So you know now what I'm thinking. I'm sitting here with my £200 acer because I can't use the £1500 macbook air 11. I paid nearly sixteen hundred pounds for this piece of .... and it doesn't ...... work. Time to contact Apple support.
2nd Mistake!
Representitive 1: - Told me that I can't compare the Macbook Air to the Acer, the Acer has Google Chrome and everybody knows Google Chrome is the fastest browser. I was told there was nothing more he could do, its probably a bad line at the hotel. When I explained the Acer works fine for voip I was told well, maybe it is getting a better signal. I explained the Acer has the cheapest possible parts inside it and paid 1500 for this macbook, expecting it to have quality parts inside and was told I'd paid for the size, because its so small but its not considered "powerful". Apple do you train your staff? Clearly not.
Thank god I wasn't paying to talk to this moron.
Representitive 2: - Had no idea what packet loss or Jitter was, got me to do a speedtest and said that looks fine. Then he got me to remove the WIFI adapter and re add it in the network settings.
Guess what, nothing changed, its still the same hardware and software.
Representitive 3: - Still not really understanding "quality" issues with the networking interface, I was asked to install the latest Java client. I did it, only because I wanted to comply with Apples wishes so they'd help me, but they weren't helping and Java has nothing to do with the network adapter, so that was useless advice too.
Apple seem to have no idea there is a problem, even though Google has pages and pages of people saying the same as me, and their own discussion forums have thousands of people complaining https://discussions.apple.com/thread/2664670?start=0&tstart=0
Finally, late yesterday whilst speaking to d.ck head number 3 at Apple support, we found a forum post talking about a fix, 10.7.1 update. I told d. head number 3 about the update and he suggested I applied it. So I did and everything looked great, for a whole evening.
This morning, I switched on again and the same thing, slow remote desktop, choppy unusable phone. Remember the phone needs less than 20k for a conversation, thats 0.2 meg. Speedtest again showing a whole meg both ways.
I called apple support again, this time being a little forceful, and I've asked for this to be escalated, but the bottom line is - they have no fix, they don't aknowledge this as a problem and I was told LION is new, so maybe it's got a bug..
I told the guy on the phone this is a network driver issue, the intermittency of the problem shows that and the Apple's lack of settings for the network adapter means the unit is autonegotiating with the router and choosing speed and duplex settings on its own. Sometimes it does that correctly, other times not and the connection although fast has a lot of noise / packet loss / corruption.
I've found a workaround, you put the unit to sleep and wake it up again and it runs fast until the next shutdown. Not really acceptable seeing as I was paying for "the cream of the crop".
I will definately not be recommending Apple products, and i'll certainly not be replacing the Windows laptops in my business with Apple's toytown system- i'd go out of business if I had to rely on this.
All there is left now, is to look at Boot camp and see if I can wipe this waste of space linux hack from the unit and install Windows 7.I started using computers more than 30 years ago when I was 5, I had my first IBM PC at the age of 10 and have never had any interest in paying over the odds for an Apple mac mainly because I saw the Mac as a kind of "Can't open nothing", one mouse buttoned retard of the computer world.
That is, until now.
I set up an online business 3 years ago and rented a dedicated server and set the whole business up in a cloud, so to speak. Having done that, all I needed a laptop for was a remote desktop connection and to run a SIP phone (Internet phone).
My PC based laptops had almost nothing installed on them, and I wasn't using software on the laptop itself, I was using remote desktop, so - why not try a MAC? The new Macbook Air 11 is small, light and made of metal and glass so should be robust enough to travel with me.
I have to say, this was the worst move I've ever made.
I opened the new shiny macbook and the first thing I noticed was that the internet seemed hit and miss. Moving around the room I managed to find a spot whereby pages woud load quickly. Strange, my £200 acer laptop was sh.t fast everywhere in the house. No matter, I packed it back away and carried on working on the Windows machine.
I've come to Newquay this week, and i've started to try and use the Macbook again in a hotel. The wireless signal in the room is low, and speedtest shows about 1 meg down and 3/4 meg up. That may sound bad to you, but remote desktop uses about 5k/sec (modem dial up speed) and the softphone, well, my Asterisk VOIP setup is confugured to use the GSM codec so that's 8k/sec each way + overheads.
This whole setup was deliberately designed to be "thin" so I can travel with ease and work on bad connections like USB internet sticks.
Anyhow, the Macbook was unable to hold a stable connection to the remote desktop or SIP phone, even though the speed test showed a whopping 1 meg up and down. What you may not be aware of is that there is more to a connection than the speed, there is the quality as well. How many packets are lost / how much "jitter" is on the line.
Anyhow, we're not living in the 3rd world, I ran a PINGTEST and it showed a small amount of jitter but told me the line was class B, online games may suffer but voip should be fine.
I unpacked the Acer, placed it in exactly the same spot as the Apple had sat in and it worked beautifully with 1 bar of wireless signal, all day long. Phone calls were clear.
So you know now what I'm thinking. I'm sitting here with my £200 acer because I can't use the £1500 macbook air 11. I paid nearly sixteen hundred pounds for this piece of .... and it doesn't ...... work. Time to contact Apple support.
2nd Mistake!
Representitive 1: - Told me that I can't compare the Macbook Air to the Acer, the Acer has Google Chrome and everybody knows Google Chrome is the fastest browser. I was told there was nothing more he could do, its probably a bad line at the hotel. When I explained the Acer works fine for voip I was told well, maybe it is getting a better signal. I explained the Acer has the cheapest possible parts inside it and paid 1500 for this macbook, expecting it to have quality parts inside and was told I'd paid for the size, because its so small but its not considered "powerful". Apple do you train your staff? Clearly not.
Thank god I wasn't paying to talk to this moron.
Representitive 2: - Had no idea what packet loss or Jitter was, got me to do a speedtest and said that looks fine. Then he got me to remove the WIFI adapter and re add it in the network settings.
Guess what, nothing changed, its still the same hardware and software.
Representitive 3: - Still not really understanding "quality" issues with the networking interface, I was asked to install the latest Java client. I did it, only because I wanted to comply with Apples wishes so they'd help me, but they weren't helping and Java has nothing to do with the network adapter, so that was useless advice too.
Apple seem to have no idea there is a problem, even though Google has pages and pages of people saying the same as me, and their own discussion forums have thousands of people complaining https://discussions.apple.com/thread/2664670?start=0&tstart=0
Finally, late yesterday whilst speaking to d.ck head number 3 at Apple support, we found a forum post talking about a fix, 10.7.1 update. I told d. head number 3 about the update and he suggested I applied it. So I did and everything looked great, for a whole evening.
This morning, I switched on again and the same thing, slow remote desktop, choppy unusable phone. Remember the phone needs less than 20k for a conversation, thats 0.2 meg. Speedtest again showing a whole meg both ways.
I called apple support again, this time being a little forceful, and I've asked for this to be escalated, but the bottom line is - they have no fix, they don't aknowledge this as a problem and I was told LION is new, so maybe it's got a bug..
I told the guy on the phone this is a network driver issue, the intermittency of the problem shows that and the Apple's lack of settings for the network adapter means the unit is autonegotiating with the router and choosing speed and duplex settings on its own. Sometimes it does that correctly, other times not and the connection although fast has a lot of noise / packet loss / corruption.
I've found a workaround, you put the unit to sleep and wake it up again and it runs fast until the next shutdown. Not really acceptable seeing as I was paying for "the cream of the crop".
I will definately not be recommending Apple products, and i'll certainly not be replacing the Windows laptops in my business with Apple's toytown system- i'd go out of business if I had to rely on this.
All there is left now, is to look at Boot camp and see if I can wipe this waste of space linux hack from the unit and install Windows 7. -
Packet Loss after Reboot of ASA 5510
Hi all,
I have an ASA and a 2811 behind it and I had to replace a battery on a UPS so I had to take down the network to do it. Before doing it the network ran fine, but I did a WR MEM and a Copy RUNNING to STARTUP config thinking that the configs I had were fine. At some point in the past I must of made a change and never applied it and maybe it is causing the issue, but I am at a loss as to what is the cause. I am getting consistent packet loss from the ASA out. Any address I ping on the inside is clear and quick. Also, I do not know if it is related, but I cannot get results from TRACE ROUTES and I believe I used to.
I have confirmed the PL is related to my network, if I plug the static IP info from the provider in to a laptop, it is clear. I am at my wits end, and I know just enough to be dangerous, so any help would be appreciated.
Here are my configs:
ASA5510# sh run
: Saved
ASA Version 9.1(4)
hostname ASA5510
domain-name m.int
enable password encrypted
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
passwd encrypted
names
dns-guard
interface Ethernet0/0
description LAN Interface
nameif Inside
security-level 100
ip address 10.10.1.1 255.255.255.252
interface Ethernet0/1
description WAN Interface
nameif Outside
security-level 0
ip address 68.233.x.x 255.255.255.128
interface Ethernet0/2
description DMZ
nameif DMZ
security-level 100
ip address 10.10.0.1 255.255.255.252
interface Ethernet0/3
description VOIP
nameif VOIP
security-level 100
ip address 10.10.2.1 255.255.255.252
interface Management0/0
management-only
shutdown
nameif management
security-level 0
no ip address
boot system disk0:/asa914-k8.bin
ftp mode passive
dns domain-lookup Inside
dns domain-lookup Outside
dns server-group DefaultDNS
name-server 8.8.8.8
name-server 8.8.4.4
name-server 68.233.xx.5
name-server 68.233.xx.6
domain-name m.int
same-security-traffic permit inter-interface
object network ROUTER-2811
host 10.10.1.2
object network ROUTER-2821
host 10.10.0.2
object network WEBCAM-01
host 192.168.1.5
object network DNS-SERVER
host 192.168.1.2
object network ROUTER-3745
host 10.10.2.2
object network RDP-DC1
host 192.168.1.2
object network BLUE
host 192.168.1.6
description Blue Iris Server
object network M_LAP_LEA
host 192.168.1.20
description Laptop from LEA
object-group network PAT-SOURCE
network-object 10.10.1.0 255.255.255.252
network-object 10.10.0.0 255.255.255.252
network-object 10.10.2.0 255.255.255.252
network-object 192.168.0.0 255.255.255.0
network-object 172.16.10.0 255.255.255.0
network-object 172.16.20.0 255.255.255.0
network-object 128.162.1.0 255.255.255.0
network-object 128.162.10.0 255.255.255.0
network-object 128.162.20.0 255.255.255.0
network-object 192.168.1.0 255.255.255.0
network-object 192.168.10.0 255.255.255.0
network-object 192.168.20.0 255.255.255.0
network-object 172.16.1.0 255.255.255.0
network-object 162.128.1.0 255.255.255.0
network-object 162.128.10.0 255.255.255.0
network-object 162.128.20.0 255.255.255.0
network-object 142.16.1.0 255.255.255.0
network-object 142.16.10.0 255.255.255.0
network-object 142.16.20.0 255.255.255.0
object-group network DM_INLINE_NETWORK_2
network-object host 98.22.xxx
object-group network Outside_access_in
object-group protocol DM_INLINE_PROTOCOL_1
protocol-object gre
access-list USERS standard permit 10.10.1.0 255.255.255.0
access-list Outside_access_in extended permit tcp host 98.22.xxx object ROUTER-2811 eq ssh
access-list Outside_access_in extended permit tcp host 98.22.xxx object ROUTER-2821 eq ssh
access-list Outside_access_in extended permit tcp host 98.22.xxx interface Outside eq https
access-list Outside_access_in extended permit tcp host 98.22.xxx object WEBCAM-01 eq www inactive
access-list Outside_access_in extended permit tcp host 98.22.xxx object RDP-DC1 eq xxxx
access-list Outside_access_in extended permit tcp host 98.22.xxx object BLUE eq xxxx
access-list Outside_access_in extended permit tcp host 98.22.xxx object ROUTER-3745 eq ssh
access-list Outside_access_in extended permit tcp any object BLUE eq xxxx
access-list dmz-access-vlan1 extended permit ip 128.162.1.0 255.255.255.0 any
access-list dmz-access remark Permit all traffic to DC1
access-list dmz-access extended permit ip 128.162.1.0 255.255.255.0 host 192.168.1.2
access-list dmz-access remark Permit only DNS traffic to DNS server
access-list dmz-access extended permit udp 128.162.1.0 255.255.255.0 host 192.168.1.2 eq domain
access-list dmz-access remark Permit ICMP to all devices in DC
access-list dmz-access extended permit icmp 128.162.1.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list dmz-access remark Permit all traffic to DC1
access-list dmz-access remark Permit only DNS traffic to DNS server
access-list dmz-access remark Permit ICMP to all devices in DC
pager lines 24
logging enable
logging asdm informational
mtu Inside 1500
mtu Outside 1500
mtu DMZ 1500
mtu VOIP 1500
mtu management 1500
icmp unreachable rate-limit 1 burst-size 1
icmp deny any Outside
asdm image disk0:/asdm-715.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
object network ROUTER-2811
nat (Inside,Outside) static interface service tcp ssh x
object network ROUTER-2821
nat (DMZ,Outside) static interface service tcp ssh x
object network WEBCAM-01
nat (Inside,Outside) static interface service tcp www x
object network ROUTER-3745
nat (VOIP,Outside) static interface service tcp ssh x
object network RDP-DC1
nat (Inside,Outside) static interface service tcp xxxx xxxx
object network BLUE
nat (Inside,Outside) static interface service tcp xxxx xxxx
nat (any,Outside) after-auto source dynamic any interface
access-group Outside_access_in in interface Outside
route Outside 0.0.0.0 0.0.0.0 68.233.151.1 1
route DMZ 128.162.1.0 255.255.255.0 10.10.0.2 1
route DMZ 128.162.10.0 255.255.255.0 10.10.0.2 1
route DMZ 128.162.20.0 255.255.255.0 10.10.0.2 1
route VOIP 142.16.1.0 255.255.255.0 10.10.2.2 1
route VOIP 142.16.10.0 255.255.255.0 10.10.2.2 1
route VOIP 142.16.20.0 255.255.255.0 10.10.2.2 1
route Inside 172.16.10.0 255.255.255.0 10.10.1.2 1
route Inside 172.16.20.0 255.255.255.0 10.10.1.2 1
route Inside 192.168.1.0 255.255.255.0 10.10.1.2 1
route Inside 192.168.10.0 255.255.255.0 10.10.1.2 1
route Inside 192.168.20.0 255.255.255.0 10.10.1.2 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server PNL-RADIUS protocol radius
aaa-server PNL-RADIUS (Inside) host 192.168.1.2
key *****
radius-common-pw *****
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
http server enable
http 0.0.0.0 0.0.0.0 Inside
http 98.22.xxx 255.255.255.255 Outside
snmp-server host Inside 192.168.1.2 community ***** version 2c udp-port 161
snmp-server location Lovington NM USA
snmp-server contact Mitchell Tuckness
snmp-server community *****
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpool policy
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 Inside
ssh 98.22.xxx 255.255.255.255 Outside
ssh timeout 60
ssh version 2
ssh key-exchange group dh-group1-sha1
console timeout 0
threat-detection basic-threat
threat-detection statistics
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ntp server 24.56.178.140 source Outside prefer
username xxxx password x encrypted privilege 15
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns migrated_dns_map_1
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
inspect icmp error
inspect pptp
class class-default
user-statistics accounting
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
password encryption aes
hpm topN enable
Cryptochecksum:949189d67866f6c09450769d41649992
: end
C2811#sh run
Building configuration...
Current configuration : 3925 bytes
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname C2811
boot-start-marker
boot system flash
boot-end-marker
enable secret 4 DWJfYBf6KhkIRmhhIhx8ibAAXVGQWjwfuyzfaX4Im8M
aaa new-model
aaa session-id common
dot11 syslog
no ip source-route
ip cef
no ip dhcp use vrf connected
ip domain name maladomini.int
ip name-server 192.168.1.2
ip name-server 8.8.8.8
ip name-server 68.233.xxx.x
ip name-server 68.233.xxx.x
no vlan accounting input
multilink bundle-name authenticated
password encryption aes
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-1290569776
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1290569776
revocation-check none
rsakeypair TP-self-signed-1290569776
crypto pki certificate chain TP-self-signed-1290569776
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31323930 35363937 3736301E 170D3134 30313035 30363130
33395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 32393035
36393737 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B18F F63C5121 00785DE0 854601BA EE77DAA3 21286D8C 6E700C37 237CC1BE
611023AF FBE04BBE 7B4B3233 E4E129DD A74604E5 62AA39BF 77F98D5D D63944E9
2345AE37 D93C5753 E425E85A EB22C2C9 CFC5D1A0 F800449B 0419A5C8 A0A101EC
02928172 7B30A609 71ADA3D4 68F4F484 AF2B3249 0E225DB2 C72C136A E670D761
DDE30203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 1461F6DE 8EF50F7B 0E46359F 421EA106 9375F65F 30301D06
03551D0E 04160414 61F6DE8E F50F7B0E 46359F42 1EA10693 75F65F30 300D0609
2A864886 F70D0101 05050003 81810049 BA55F695 8525265F ED2D77EE 8706BF10
63A7E644 202F6663 9EA5551F 47F7FC50 D4021EDD E3DC5A80 39FD161A C337D20D
71B98875 0F1FE887 649E81D3 F93F7A1B A1E18B99 A77B1A59 84DB4711 867913FD
044084FB 651ECA6E C6EDF35C E43A2946 8C01781E 26DB9484 C8740A82 4A7CA266
A0655526 CBCB4982 F30D68E9 D70753
quit
license udi pid CISCO2811 sn FTX1041A07T
username admin secret 5 $1$iBeC$8dqYMcpTex8gtUfannzox.
username xxxx privilege 15 secret 4 DWJfYBf6KhkIRmhhIhx8ibAAXVGQWjwfuyzfaX4Im8M
redundancy
ip ssh time-out 60
ip ssh authentication-retries 5
ip ssh version 2
interface FastEthernet0/0
description CONNECTION TO INSIDE INT. OF ASA
ip address 10.10.1.2 255.255.255.252
ip virtual-reassembly in
duplex auto
speed auto
interface FastEthernet0/1
no ip address
ip virtual-reassembly in
duplex auto
speed auto
interface FastEthernet0/1.1
description VLAN 10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
ip helper-address 192.168.1.2
ip virtual-reassembly in
interface FastEthernet0/1.2
description VLAN 20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
ip helper-address 192.168.1.2
ip virtual-reassembly in
interface FastEthernet0/1.3
description Trunk Interface VLAN 1
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.0
ip helper-address 192.168.1.2
ip virtual-reassembly in
interface Dialer0
no ip address
ip default-gateway 10.10.1.1
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
ip dns server
ip route 0.0.0.0 0.0.0.0 10.10.1.1
ip ospf name-lookup
access-list 1 permit any
dialer-list 1 protocol ip permit
snmp-server community Maladomini-RW RW
tftp-server system:running-config 1
control-plane
line con 0
exec-timeout 0 0
password 7 101D58415D361606050A147A
line aux 0
line vty 0 4
exec-timeout 0 0
password 7 0527031B2C49470758
transport input ssh
scheduler allocate 20000 1000
end
2821:
C2821#sh run
Building configuration...
Current configuration : 4128 bytes
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname C2821
boot-start-marker
boot system flash
boot-end-marker
enable secret 4 x
aaa new-model
aaa session-id common
dot11 syslog
no ip source-route
ip cef
no ip dhcp use vrf connected
ip domain name maladomini.int
ip name-server 192.168.1.2
ip name-server 8.8.8.8
ip name-server 68.233.xxx.x
ip name-server 68.233.xxx.x
no vlan accounting input
multilink bundle-name authenticated
password encryption aes
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-3335929422
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3335929422
revocation-check none
rsakeypair TP-self-signed-3335929422
crypto pki certificate chain TP-self-signed-3335929422
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33333335 39323934 3232301E 170D3134 30313135 30333537
32385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 33333539
32393432 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100AF6D 8C23745E 80AA83AC BE0243DD C8F8EC56 85BBE495 EF790354 B7E81921
4C46CE35 F840420A 8385D3E3 B7B14EDF F4A8DB51 1A29E0ED A2704F69 9632ED7E
5F66E546 486B2821 FB77266F 950D351E 13AA18FE 687643F6 FB9BF95F E56A0195
19B8A7B6 7A582357 2517F08E 5E3BA197 2CD71E3E 32AB4B96 412E9AE3 1932A218
7A1F0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14A86115 C2CA9E15 399B2A9C 21585323 1E2F3D98 45301D06
03551D0E 04160414 A86115C2 CA9E1539 9B2A9C21 5853231E 2F3D9845 300D0609
2A864886 F70D0101 05050003 81810028 81D8F701 D6AFDC54 94A93185 1E5F4DAC
4DBF50B7 30B57ABD D1612E69 D964B77A A379F55C 7E823F42 4D01440C B237DED9
6B8047B7 0496D8BB BD7EAC18 E6ACA1B1 3B527172 4A7B0D7B 4A031168 F99B171D
D217CB06 2F31E4DF FD9AC1C9 1199869A 34E90671 5611A6DA 7CC6A7B0 A39F78FB
B3932E37 4B302779 E761DB00 AFA7CC
quit
license udi pid CISCO2821 sn FTX1327AH7A
username x privilege 15 secret 4 x
redundancy
ip ssh time-out 60
ip ssh authentication-retries 5
ip ssh version 2
interface GigabitEthernet0/0
description CONNECTION TO INSIDE INT. OF ASA
ip address 10.10.0.2 255.255.255.252
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/1
no ip address
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/1.1
description VLAN 10
encapsulation dot1Q 10
ip address 128.162.10.1 255.255.255.0
ip helper-address 192.168.1.2
ip virtual-reassembly in
interface GigabitEthernet0/1.2
description VLAN 20
encapsulation dot1Q 20
ip address 128.162.20.1 255.255.255.0
ip helper-address 192.168.1.2
ip virtual-reassembly in
interface GigabitEthernet0/1.3
description Trunk Interface VLAN1
encapsulation dot1Q 1 native
ip address 128.162.1.1 255.255.255.0
ip helper-address 192.168.1.2
ip virtual-reassembly in
interface Serial0/0/0
no ip address
shutdown
interface Serial0/1/0
no ip address
shutdown
interface Serial0/2/0
no ip address
shutdown
interface Dialer0
no ip address
ip default-gateway 10.10.0.1
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
ip dns server
ip route 0.0.0.0 0.0.0.0 10.10.0.1
ip ospf name-lookup
access-list 1 permit any
dialer-list 1 protocol ip permit
snmp-server community Maladomini-RW RW
snmp-server host 192.168.1.2 version 2c Maladomini-RW envmon cpu snmp
control-plane
line con 0
exec-timeout 0 0
password 7 101D58415D361606050A147A
line aux 0
line vty 0 4
exec-timeout 0 0
password 7 15415A545C0B2F29213D0B73
transport input ssh
scheduler allocate 20000 1000
end
POE Switch:
C3560#sh run
Building configuration...
Current configuration : 7368 bytes
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
hostname C3560
boot-start-marker
boot-end-marker
enable secret 5 $1$wzS5$Kl0aHmGjOrfNL8H8QN9gJ1
enable password 7 091F1F514124131F02023A7B
username mtuckness privilege 15 secret 5 $1$j68Z$ObA6K7Qc2Vsmyu479Hlh6/
aaa new-model
aaa session-id common
clock timezone MST -7
system mtu routing 1500
ip domain-name maladomini.int
password encryption aes
crypto pki trustpoint TP-self-signed-2488747392
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2488747392
revocation-check none
rsakeypair TP-self-signed-2488747392
crypto pki certificate chain TP-self-signed-2488747392
certificate self-signed 01
3082024C 308201B5 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32343838 37343733 3932301E 170D3933 30333031 30303031
30385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 34383837
34373339 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B715 1CCA0EFB 6D550F27 A4B9F403 7D1CBCCE AB363F89 61AF4773 64351010
AB866AA6 411463BC A7D9C6E3 0CA4EEEC 47C50D33 2F904AD1 8FC5B10B 8F204157
FB5B3A4C 78BD4BDF 14F79CCC D9A0E10B 909BF5BA 095BB9AC 722197D4 3C2CB70B
15D2A221 5FF8BC03 6A642B36 437B9E22 858BF597 F1844026 5DAF2114 EF75718D
EC3B0203 010001A3 74307230 0F060355 1D130101 FF040530 030101FF 301F0603
551D1104 18301682 14433335 36302E6D 616C6164 6F6D696E 692E696E 74301F06
03551D23 04183016 8014D364 9162E0D2 C7936513 1E1C677C 73D675EC 37FF301D
0603551D 0E041604 14D36491 62E0D2C7 9365131E 1C677C73 D675EC37 FF300D06
092A8648 86F70D01 01040500 03818100 2DE49969 2E9C7A81 E96B97A8 7E15BC69
2DA62233 C958092D 2E51DD59 526DA795 CBFE219E 3536852A 5F71A90A BF5016E0
F93FA6F7 55D9BA23 52A2858E B927E0FB B3DC6B20 28FBD64C 6FA956EC 3E6E8756
F12F7182 538D13AE E343674E 41A1BDE1 A42579F2 8070FC92 5C805995 7BA25FA5
3A89C4E5 C6B2D76F FF2C1CF9 6A8DF631
quit
spanning-tree mode pvst
spanning-tree portfast bpduguard default
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
vlan internal allocation policy ascending
ip ssh time-out 60
ip ssh authentication-retries 5
ip ssh version 2
interface FastEthernet0/1
switchport mode access
spanning-tree portfast
interface FastEthernet0/2
switchport mode access
spanning-tree portfast
Removed interfaces
interface GigabitEthernet0/1
description CONNECTION TO 2821 ROUTER - TRUNK
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,10,20
switchport mode trunk
interface GigabitEthernet0/2
interface GigabitEthernet0/3
interface GigabitEthernet0/4
interface Vlan1
ip address 128.162.1.3 255.255.255.0
ip helper-address 192.168.1.2
no ip route-cache
no ip mroute-cache
interface Vlan10
ip address 128.162.10.3 255.255.255.0
ip helper-address 192.168.1.2
interface Vlan20
ip address 128.192.20.3 255.255.255.0
ip helper-address 192.168.1.2
ip default-gateway 10.10.0.2
no ip classless
ip http server
ip http authentication local
ip http secure-server
access-list 1 permit any
snmp-server community Maladomini-RW RO
snmp-server location Lovington NM USA
line con 0
exec-timeout 0 0
password 7 075C701416281D081E1C355D
line vty 0 4
password 7 0527031B2C49470758
transport input ssh
line vty 5 15
exec-timeout 0 0
password 7 05585757796D4A04100B2943
endI located the issue of the packet loss. I have a security system that uploads FTP images of the cameras and after the reboot of the network, the only computer that wasn't shut down was the security camera PC.
So I think what happened was after I brought everything back up, it was saturating the outgoing bandwidth, causing packet loss and high latency. Once I determined what it was and shut off the FTP image upload, the pings stabilized and it is working fine now. Trace routes are still not functioning, but I can live without that for now. -
Packet loss after bonding + vlan
Hi, I am hoping someone may help me with this issue:
I have a motherboard with 2 Intel NICs.
I created a bonding interface, mode = 4 (LACP), and assigned no IP to it.
create one vlan to internet (dhcp)
another vlan to local network (static)
both NICs are connected to the same switch, and LACP configured on the ports
Problem:
ping from this one to any other pingable hosts gave strange result, more or less half of the packets are lost.
when I pulled of one cable, the ping returned to normal...
something is definitively wrong here, tried to connect the ports to two diffrent switches, same result.
other computers using LACP has no such problem in the same network.
If someone has any idea, I will be very greatful. otherwise it seems to be a very time consuming problem to solve. (I have tried to google yesterday without success).
Thanks,
Last edited by leihuang (2013-09-17 06:19:42)I located the issue of the packet loss. I have a security system that uploads FTP images of the cameras and after the reboot of the network, the only computer that wasn't shut down was the security camera PC.
So I think what happened was after I brought everything back up, it was saturating the outgoing bandwidth, causing packet loss and high latency. Once I determined what it was and shut off the FTP image upload, the pings stabilized and it is working fine now. Trace routes are still not functioning, but I can live without that for now. -
Ping Packet Loss across MPLS TE Tunnels
Hello...Please Help,
I have a Single Area OPSF network running across 4 main routers via GigEth Ckts. The OSPF Network is working correctly. I recently implemented MPLS TE creating two Tunnels - One Explicit Path and One Dynamic Path. Two of the Routers also have a T1 Frame Relay Link over which the Explicit path is configured. It is up and woking but I am experiencing 50-60 percent packet loss when pinging between these PE routers. When I force it to the dynamic tunnel it follows the same FR path and experiences the same packet loss. There is no packet loss anywhere else in the network.
This is a Lab environment w/three LAN's Two 7206VXR & Two 3745 routers and Three 3550 Switches - one per LAN
Suggestions?Thank You for your response. The problem may not be an MPLS TE problem.
But would my "path-option" and "priority" being set the same for the Dynamic and Explicit Tunnels cause one tunnel to come up and the other go down and cease to signal. Right now I have one or the other working when viewed w/the "show mpls traffic-eng tunnels" command. If I take one down the other works.
The IPs are 10.1.101.1 & 2/30 respectively for the FR Link. That was a Typo...I have corrected it.
The FR interfaces are not SubInt's as the Serial Interface holds the IP address. These are strictly Point to Point but I have the "IP OSPF Network Broadcast" command set and OSPF going across them.
I have SubInt's set on the Gi0/3 Interface.
Gi0/3.1 & 3.10 for VLAN's 1 & 10
There are not any drops when pinging from Within the routers "Interface to Interface".
But when I ping the LAN Node to Node or from within the Router "if" I do not specify an "interface source" I receive the drops.
The result is the same from either side of the Network on both of the 7206 Routers.
Thanks, Kevin -
Verizon FIOS Intermittent Packet Loss Problem - How to Convince Verizon Support it's NOT ME
Hi,
I have been having a problem with Verizon FIOS Internet AND Phone since Thursday afternoon.
Basically I have intermittent outages several times a day of 15-40 seconds where my download doesn't work, but upload still does. This happens on BOTH my phone and internet. Therefore it's not my router or computer equipment causing the problem.
Here's what happens:
- On the internet: I have a periodic download problem where I can receive no data for about 15 - 40 seconds. After that it returns to normal
- On the phone: If I'm on the phone at the same time then during that period of internet loss I also can not hear anything that the person I am talking to says. However they can hear me just fine (ie. download only problem)
I have been talking to Verizon technical support and they have blamed my router and ONT. I have tried switching off the router, and using a different one. Also they have replaced the ONT twice.
* This problem occurs on BOTH the phone and internet at the same time. This clearly suggests the problem is not in my own house.
In fact I know exactly where the problem lies. I did a traceroute to google below:
Tracing route to google.com [74.125.113.106]
over a maximum of 30 hops:
1 4 ms 1 ms <1 ms 192.168.1.1
2 5 ms 4 ms 4 ms L300.NWRKNJ-VFTTP-122.verizon-gni.net [74.105.157.1]
3 9 ms 8 ms 7 ms G2-0-0-1822.NWRKNJ-LCR-08.verizon-gni.net [130.81.133.156]
4 11 ms 8 ms 7 ms P15-0.NWRKNJ-LCR-07.verizon-gni.net [130.81.30.148]
5 9 ms 6 ms 7 ms so-5-0-0-0.NWRK-BB-RTR1.verizon-gni.net [130.81.29.8]
6 7 ms 6 ms 7 ms 0.so-7-0-0.XL3.EWR6.ALTER.NET [152.63.19.177]
7 9 ms 10 ms 9 ms 0.so-1-0-1.XL3.NYC4.ALTER.NET [152.63.0.213]
8 9 ms 9 ms 9 ms TenGigE0-6-0-0.GW8.NYC4.ALTER.NET [152.63.22.41]
9 33 ms 31 ms 35 ms google-gw.customer.alter.net [152.179.72.62]
10 8 ms 11 ms 10 ms 209.85.252.215
11 18 ms 17 ms 16 ms 209.85.249.11
12 31 ms 29 ms 29 ms 209.85.241.222
13 30 ms 29 ms 29 ms 209.85.241.207
14 41 ms 39 ms 34 ms 209.85.243.1
15 27 ms 27 ms 29 ms vw-in-f106.1e100.net [74.125.113.106]
Trace complete.
Then I pinged each device for hops 2-4. When the problem occurs the first one in the hop - 74.105.157.1 - runs fine. The second device - 130.81.133.156 - times out, and all other devices further down the chain time out. This clearly suggest that the device:
130.81.133.156 has major problems.
I have mentioned this to tech support, but they have no way for me to send them logs. Apparently the support technicians at Verizon can not be trusted with even the most basic of tools like email and the web. They also shield me from the NT (Network technician), who is so special that even the tech support guys are only allowed to text chat with him, not actually talk to him. I have enough logs here to clearly show what the problem is.
The latest from tech support is that they are sending yet another guy by my house tomorrow to witness this problem firsthand. Then he will call support that will text chat with the NT, and MAYBE they'll start thinking it's not me.
My main question here is: "How do I get Verizon to believe it really could be a problem in their own network?"
Here are some threads from last year that explain exactly the same problem I'm having. So it wasn't just me:
http://forums.verizon.com/t5/FiOS-TV-Technical-Assistance/Verizon-FIOS-intermittent-connection-drops...
http://forums.verizon.com/t5/FiOS-Internet/Intermittent-Network-Timeouts/m-p/28138
One person said Verizon finally fixed it by replacing a PON card. I'm not sure if this is the same problem as that though.
I am an avid Starcraft player and this is driving me crazy because I am getting dropped from my games all the time. Also phone conversations suck when there's these big lags where I can't hear who I'm talking to.
I have had Verizon FIOS internet for 3 years now and this is the first problem I've ever had with it. But I'm starting to get majorly frustrated at how long it's taking to resolve the problem.
Here is a sample of the ping logs I was talking about for different devices all at the same time.
Device 2 in the Trace Route:
Reply from 74.105.157.1: bytes=32 time=78ms TTL=126
Reply from 74.105.157.1: bytes=32 time=57ms TTL=126
Reply from 74.105.157.1: bytes=32 time=41ms TTL=126
Reply from 74.105.157.1: bytes=32 time=35ms TTL=126
Reply from 74.105.157.1: bytes=32 time=34ms TTL=126
Reply from 74.105.157.1: bytes=32 time=41ms TTL=126
Reply from 74.105.157.1: bytes=32 time=43ms TTL=126
Reply from 74.105.157.1: bytes=32 time=59ms TTL=126
Reply from 74.105.157.1: bytes=32 time=24ms TTL=126
Reply from 74.105.157.1: bytes=32 time=48ms TTL=126
Reply from 74.105.157.1: bytes=32 time=5ms TTL=126
Reply from 74.105.157.1: bytes=32 time=5ms TTL=126
Reply from 74.105.157.1: bytes=32 time=5ms TTL=126
Reply from 74.105.157.1: bytes=32 time=4ms TTL=126
Reply from 74.105.157.1: bytes=32 time=3ms TTL=126
Reply from 74.105.157.1: bytes=32 time=20ms TTL=126
Reply from 74.105.157.1: bytes=32 time=19ms TTL=126
Reply from 74.105.157.1: bytes=32 time=18ms TTL=126
Reply from 74.105.157.1: bytes=32 time=17ms TTL=126
Reply from 74.105.157.1: bytes=32 time=17ms TTL=126
Reply from 74.105.157.1: bytes=32 time=17ms TTL=126
Reply from 74.105.157.1: bytes=32 time=17ms TTL=126
Reply from 74.105.157.1: bytes=32 time=37ms TTL=126
Reply from 74.105.157.1: bytes=32 time=17ms TTL=126
Reply from 74.105.157.1: bytes=32 time=16ms TTL=126
Device 3 in the Trace Route:
Reply from 130.81.133.156: bytes=32 time=7ms TTL=253
Reply from 130.81.133.156: bytes=32 time=7ms TTL=253
Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
Reply from 130.81.133.156: bytes=32 time=10ms TTL=253
Reply from 130.81.133.156: bytes=32 time=9ms TTL=253
Reply from 130.81.133.156: bytes=32 time=10ms TTL=253
Reply from 130.81.133.156: bytes=32 time=13ms TTL=253
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
Reply from 130.81.133.156: bytes=32 time=7ms TTL=253
Reply from 130.81.133.156: bytes=32 time=6ms TTL=253
Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
Reply from 130.81.133.156: bytes=32 time=14ms TTL=253
Device 4 in the Trace Route:
Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
Reply from 130.81.30.148: bytes=32 time=7ms TTL=252
Reply from 130.81.30.148: bytes=32 time=6ms TTL=252
Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
Reply from 130.81.30.148: bytes=32 time=7ms TTL=252
Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
Reply from 130.81.30.148: bytes=32 time=7ms TTL=252
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
Reply from 130.81.30.148: bytes=32 time=7ms TTL=252
Reply from 130.81.30.148: bytes=32 time=6ms TTL=252
Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
Reply from 130.81.30.148: bytes=32 time=7ms TTL=252
Reply from 130.81.30.148: bytes=32 time=6ms TTL=252
Any help, thoughts, suggestions, etc would be great appreciated!
~DavidI understand your logic, but you have not eliminated 74.105.157.1 as the problem. It could be allowing packets out, like outside callers hearing you, but not allow them back in. Since you have results pinging out, trying ping back in. Use this packet loss tool. You do not need to catch it when it's not working because this tool will ping your IP address (and all the hops in between) for up to 7 days. You will easily see when packet loss is occurring.
If it can successfully ping 74.105.157.1 when the problem occurrs, then 130.81.133.156 is not the issue. This may not help dealing with the personalities at Verizon, but it will help definitively knowing which device is the issue. -
Bouts of packet loss and complete loss of connection
Ok forum, I give up! I need your help.
I have an E1200 and am time out and packet loss issues. The internet connection is fine for 30 seconds to five minuets and then everything times out for 15-20 seconds. Although it’s only a minor incontinence to web browsing, it makes playing games and watching videos a nightmare. “Lost connection to server error.” and the like…
This is what I have done to remedy the problem.
I upgraded to a new router, the e1200 I am currently using, from my Tenda 10/100 N. The problems where the same that I am experience currently and the reason I bought it in the firs place.
When I directly connect to the cable modem, I have no issues and everything is fine.
I have run a trace route and the second hop, (the router to the modem) is the choke point.
I have cloned the MAC address
I have updated the firmware and hard reset
I have throttled my MTU to automatic, 1500, and 1472. None making any difference.
I have disabled NAT and all that does is kill my internet connection
I have disabled all firewalls router and windows, no change.
I replaced the physical wire from the router to the modem.
I have disconnected all devices except one computer, and no difference.
I ran a DNS trace and I have… non routable local internet address 192.168.1.1
DNS-cac-lb-01.rr.com and DNS-cac-lb-02.rr.com
I am using windows 7 and my ISP is time Warner so-cal. Help me obiwan, you’re my only hope.Sorry friend. I have not had the gaul to load the 1.0 firmware. I am 99% sure I have the 2.0 hardware. I did however unplug my modem for an hour and then try and reconnect. The result was a lossless environment for fifteen to twenty minuets (a long time for me.). But, I am right back still having the same problem. A friend gave me a new netgear router, I am going to try that and I am going to go to Timewarner and have them replace my modem just to make sure there is nothing wrong with the surfboard. I will report back with my findings.
-
Tons of packet loss and Verizon techs say its fine
As you can see from the below test ran from dslreports.com, I'm having a lot of packet loss issues. This has been going on for nearly two weeks now and tech support has been more of an annoyance than a help upto this point. I've talked to tech support at least 5 times only to be told my line test comes back fine, its normal, reset your modem, delete your cookies, is your pc old, etc. I've even had them vpn itno my system and run pings and they see the packet loss and all the issues I'm having first hand and still say it isn't a big deal. On more than one occasion I've had my modem data light just flashing and had to reset the modem and they suggest I just buy a new modem. Seriously, is this how bad tech support has gotten?
I've shown them test after test after test and the all come back pretty much the same... The thing is its been perfect for years and suddenly this and its like tech support wants to sweep it under the rug or something. I've had it suggested to me the packet loss and high pings when I'm not getting the packet loss is due to my pool being over populated. Like I'm ow getting ping averages of 250-300 instead of 30-40s, again when its not all timing out.
I've posted over on the dslreports forums asking about this as well as in the Verizon specific forums to the techs all with 0 replies from anything and was told to come here and see if anyone would be able to help.
I really not bother with the hassle of switching isps as ive been a loyal Verizon dsl customer for well over 5 years but at this point just knowing how bad tech support is alone might make me want to.
Can anyone offer any insight on what else to do or help on this possibly?
Thanks.
Test Loss Min
Latency Avg
Latency Max
Latency Pass
Fail Simple ping loss check
10secs of 40byte packets 2 per second 5% loss 137ms 141ms 148ms
warn low bandwidth stream
10secs of 56k/bit ping stream 512byte packets 6% loss 142ms 147ms 154ms
warn medium bandwidth stream
10secs of 128k/bit ping stream 512byte packets 2% loss 140ms 147ms 173ms
pass your first hop ping
stream of 40byte pings to 130.81.44.101 4% loss 118ms You are 19ms
to your first hop
pass Ping plot:
Ping plot:
From East Coast - USA to YOU Hop Host LOSS Rcv Sent Best Avg Worst 0 ae-2.bb-b.slr.lxa.us.oneandone.net 0% 60 60 0.46 2.29 59.98 1 te-2-1.bb-b.ms.mkc.us.oneandone.net 0% 60 60 0.92 1.89 36.10 2 64.209.105.233 0% 60 60 13.97 41.38 948.69 3 0.xe-8-2-0.BR3.CHI13.ALTER.NET 0% 60 60 26.13 30.80 80.28 4 0.ae3.CHI01-BB-RTR1.verizon-gni.NET 0% 60 60 26.49 27.84 88.62 5 P15-3.RONKVA-LCR-01.verizon-gni.net 0% 60 60 54.25 55.01 56.32 6 P0-0.RONKVA-RONKVALK-ERXG02.verizon-gni.net 0% 60 60 116.80 121.05 130.35 7 pool-71-171-24-94.nwrknj.east.verizon.net 14% 52 60 142.49 147.61 169.10 (fail) From West Coast - USA to YOU Hop Host LOSS Rcv Sent Best Avg Worst 0 unknown.Level3.net 2% 59 60 0.64 16.67 150.86 1 ae-4-99.edge1.SanJose3.Level3.net 4% 58 60 1.15 5.12 59.35 2 4.68.63.146 0% 60 60 1.25 3.31 55.27 3 0.ae3.XL3.SJC7.ALTER.NET 0% 60 60 1.25 1.68 9.80 4 0.ge-6-3-0.XT1.DCA6.ALTER.NET 0% 60 60 75.58 77.85 108.89 5 0.so-4-0-0.RES-BB-RTR1.verizon-gni.net 0% 60 60 75.52 80.78 136.25 6 P15-3.RONKVA-LCR-01.verizon-gni.net 0% 60 60 90.25 91.97 94.08 7 P0-0.RONKVA-RONKVALK-ERXG02.verizon-gni.net 2% 59 60 154.03 159.68 164.42 8 pool-71-171-24-94.nwrknj.east.verizon.net 4% 58 60 175.74 183.27 187.00 (fail)As you can see from the below test ran from dslreports.com, I'm having a lot of packet loss issues. This has been going on for nearly two weeks now and tech support has been more of an annoyance than a help upto this point. I've talked to tech support at least 5 times only to be told my line test comes back fine, its normal, reset your modem, delete your cookies, is your pc old, etc. I've even had them vpn itno my system and run pings and they see the packet loss and all the issues I'm having first hand and still say it isn't a big deal. On more than one occasion I've had my modem data light just flashing and had to reset the modem and they suggest I just buy a new modem. Seriously, is this how bad tech support has gotten?
I've shown them test after test after test and the all come back pretty much the same... The thing is its been perfect for years and suddenly this and its like tech support wants to sweep it under the rug or something. I've had it suggested to me the packet loss and high pings when I'm not getting the packet loss is due to my pool being over populated. Like I'm ow getting ping averages of 250-300 instead of 30-40s, again when its not all timing out.
I've posted over on the dslreports forums asking about this as well as in the Verizon specific forums to the techs all with 0 replies from anything and was told to come here and see if anyone would be able to help.
I really not bother with the hassle of switching isps as ive been a loyal Verizon dsl customer for well over 5 years but at this point just knowing how bad tech support is alone might make me want to.
Can anyone offer any insight on what else to do or help on this possibly?
Thanks.
Test Loss Min
Latency Avg
Latency Max
Latency Pass
Fail Simple ping loss check
10secs of 40byte packets 2 per second 5% loss 137ms 141ms 148ms
warn low bandwidth stream
10secs of 56k/bit ping stream 512byte packets 6% loss 142ms 147ms 154ms
warn medium bandwidth stream
10secs of 128k/bit ping stream 512byte packets 2% loss 140ms 147ms 173ms
pass your first hop ping
stream of 40byte pings to 130.81.44.101 4% loss 118ms You are 19ms
to your first hop
pass Ping plot:
Ping plot:
From East Coast - USA to YOU Hop Host LOSS Rcv Sent Best Avg Worst 0 ae-2.bb-b.slr.lxa.us.oneandone.net 0% 60 60 0.46 2.29 59.98 1 te-2-1.bb-b.ms.mkc.us.oneandone.net 0% 60 60 0.92 1.89 36.10 2 64.209.105.233 0% 60 60 13.97 41.38 948.69 3 0.xe-8-2-0.BR3.CHI13.ALTER.NET 0% 60 60 26.13 30.80 80.28 4 0.ae3.CHI01-BB-RTR1.verizon-gni.NET 0% 60 60 26.49 27.84 88.62 5 P15-3.RONKVA-LCR-01.verizon-gni.net 0% 60 60 54.25 55.01 56.32 6 P0-0.RONKVA-RONKVALK-ERXG02.verizon-gni.net 0% 60 60 116.80 121.05 130.35 7 pool-71-171-24-94.nwrknj.east.verizon.net 14% 52 60 142.49 147.61 169.10 (fail) From West Coast - USA to YOU Hop Host LOSS Rcv Sent Best Avg Worst 0 unknown.Level3.net 2% 59 60 0.64 16.67 150.86 1 ae-4-99.edge1.SanJose3.Level3.net 4% 58 60 1.15 5.12 59.35 2 4.68.63.146 0% 60 60 1.25 3.31 55.27 3 0.ae3.XL3.SJC7.ALTER.NET 0% 60 60 1.25 1.68 9.80 4 0.ge-6-3-0.XT1.DCA6.ALTER.NET 0% 60 60 75.58 77.85 108.89 5 0.so-4-0-0.RES-BB-RTR1.verizon-gni.net 0% 60 60 75.52 80.78 136.25 6 P15-3.RONKVA-LCR-01.verizon-gni.net 0% 60 60 90.25 91.97 94.08 7 P0-0.RONKVA-RONKVALK-ERXG02.verizon-gni.net 2% 59 60 154.03 159.68 164.42 8 pool-71-171-24-94.nwrknj.east.verizon.net 4% 58 60 175.74 183.27 187.00 (fail) -
Packet loss when flood pinging a Mac
I had some trouble transferring large files between my iMac and my MBP the other day and so started a bit of investigation. Mistake really - here is what I found:
All mac targets are running up-to-date Leopard and use intel processors.
The home network has a linksys wireless router - all devices connected by copper.
flood ping tests with command 'sudo ping -f <target>:
from iMac to MBP shows 30% packet loss
from MBP tp iMac shows 33% packet loss
from iMac to windows laptop 0% packet loss
from iMac to linksys router 0% packet loss
from iMac to Freecom NAS box 0% packet loss
from MBP to windows laptop 0% packet loss
from MBP to linksys router 0% packet loss
from MBP to Freecom NAS box 0% packet loss
I took the macbook to work and picked targets on another site, several busy switch hops away.
from MBP to windows desktop 0% packet loss
from MBP to another iMac 26% packet loss
from MBP to mac mini 28% packet loss
from MBP to linux server 0% packet loss
from linux server to MBP 32% packet loss
The firewall is off on all the targets.
Seem clear enough - Mac machines can't handle high ping loads. It is no good telling me they don't have to. If they can answer a ping at all, they should be able to handle the load. It is a perfectly acceptable way of stress testing the link. File transfers are generally not an issue but now I want to know...
Why can't the macs handle the ping floods?
Is this indicative of any other weakness in the IP stack?
PeteI had a suspicion of packet loss on my internet connection but could not be certain it was the ISP at fault. The fact that I had been having trouble transferring large files between my machines led me to look for possible local problems.
Network fault finding should always examine the hardware first so I wanted to see if there was anything about the cabling or the router which might be causing packet loss.
Actually copying data about the network is a pretty poor way to test things because you have several additional layer of complexity that can colour the results.
When I had narrowed down the flood ping packet loss to the macs, I went hunting on the 'net. There were plenty of people who were reporting various kinds of packet loss. Enough of them that I wondered if there was something more to it. Some of them were talking about similar symptoms to mine. The respondents usually answered a question other than the one asked so I thought I would put up some tests and see if there was actually a problem anywhere.
Now I know it is a 'feature' rather than a fault, I can work around it.
Thanks anyway
Pete -
Home Hub 3.0 vs Home Hub 2.0 packet loss
So I upgraded the BT package that our family is on today, and with it came the Home Hub 3.0. Happy right? Better wireless, less connection problems etc... No.
For some reason, since upgrading, I get random moments of massive packet loss. Up to 50% packets are lost for periods of up to 5 minutes. I've tried resetting the router, tried turning it off for ten minutes etc but still get regular moments of packet loss.
My internet is not interleaved at the moment so that could be a problem, however before switching to the 3.0 i never had any packet loss with non-interleaved internet (on the 2.0 homehub).
Could anyone help me?!
Thanks
Solved!
Go to Solution.ADSL Line Status
Connection Information
Line state:
Connected
Connection time:
0 days, 03:12:19
Downstream:
7.813 Mbps
Upstream:
448 Kbps
ADSL Settings
VPI/VCI:
0/38
Type:
PPPoA
Modulation:
G.992.1 Annex A
Latency type:
Fast
Noise margin (Down/Up):
9.1 dB / 24.0 dB
Line attenuation (Down/Up):
35.5 dB / 19.5 dB
Output power (Down/Up):
19.9 dBm / 12.1 dBm
FEC Events (Down/Up):
0 / 202
CRC Events (Down/Up):
91236 / 426
Loss of Framing (Local/Remote):
0 / 0
Loss of Signal (Local/Remote):
0 / 0
Loss of Power (Local/Remote):
0 / 0
HEC Events (Down/Up):
619777 / 655
Error Seconds (Local/Remote):
2173 / 506
est1 comprises of Best Effort Test: -provides background information.
Download Speed
4095 Kbps
0 Kbps
7150 Kbps
Max Achievable Speed
Download speedachieved during the test was - 4095 Kbps
For your connection, the acceptable range of speeds is 600-7150 Kbps.
Additional Information:
Your DSL Connection Rate :8000 Kbps(DOWN-STREAM), 448 Kbps(UP-STREAM)
IP Profile for your line is - 4500 Kbps
I did a quiet line test and it sounded quiet.
Thanks for your answer, just hope someone can help me resolve it now -
Help- WDS with Extreme-N & 2x Airport Express with ~ 40% packet loss
So this problem is driving me crazy. I recently moved into a house that has enough metal in the walls (don't ask) to prevent me from using a single base station so I expanded my network as a WDS utilizing an Airport Extreme (mixed NGB mode) and two Airport Express (one as a relay and one as remote). The configuration appears to work normally some times but other times (especially evenings) I get a very high rate of dropped packets between the client notes (which are connected through the WDS-enabled Expresses) and the base station (using a simple ping 10.0.1.1 to check connectivity to the APBS-N). The problem manifests itself from a users' perspective as very long DNS lookups which causes slow page loads in a browser but it's very reproducible via ping.
So far I've tried changing the channels on the network but I haven't seen a huge payoff there. iStumbler reports no additional networks on channel 2 which I'm using, there are some on channel 1, 5, and 13. I've also tried channels 7 and 11. We have no microwave in the house and our cordless phone (5.8ghz) never interrupted with our simpler Express-based network at our old house, n/m the fact that the phone is never in use when we have this problem.
I don't seem to see the problem when I'm local to (in the same room as) the AEBS; it really seems to happen only when I'm on the WDS-enabled remote and/or relay.
Other data points that may help are that the AEBS-N drops out of the Airport utility at the same time. Sometimes isn't gone for 30 seconds, other times for > 30 minutes. The other base stations continue to report "Green" in that they are not having any WDS problems. If I disconnect the remote node the relay will correctly reflect a status of yellow, so I know it somewhat works.
It's an open network (no encryption, open SSID) so it's unlikely that there's an issue there.
Clients include an Apple TV, iBook G4, MacBook, Tivo Series 3, Intel Mini and Dell Latitude D810. Because of the diversity of clients I don't think it's a driver or NIC adapter issue on any of the clients.
Does anyone have any experience working in a similar environment? Suggestions on troubleshooting packet loss (or other performance issues) in a WDS network?
Thanks,
MikeHello errorsupply. Welcome to the Apple Discussions!
I suggest downloading a copy of iStumbler. Use iStumbler's Inspector feature (select Edit > Inspector from iStumbler's menu) to determine the Signal-to-Noise Ratio (SNR) at different points around your house, by performing a simple RF site survey. Within the Inspector, note the values for "signal" & "noise" at these locations. Start with your MacBook near the main base station, note the readings, and then, choose the locations where you have the relay and remote base stations.
SNR is the signal level (in dBm) minus the noise level (in dBm). For example, a signal level of -53dBm measured near an access point and typical noise level of -90dBm yields a SNR of 37dB, a healthy value for wireless LANs.
The SNR, as measured from the MacBook, decreases as the range to the base station increases because of applicable free space loss. Also an increase in RF interference from microwave ovens and cordless phones, which increases the noise level, also decreases SNR.
SNR Guideline
o 40dB+ SNR = Excellent signal
o 25dB to 40dB SNR = Very good signal
o 15dB to 25dB SNR = Low signal
o 10dB to 15dB SNR = Very low signal
o 5dB to 10dB SNR = No signal
If the SNR is 20dB+ at each of these locations, then you should be getting reasonable performance from your AirPorts. If less, either try to locate/eliminate the source of the Wi-Fi interference or try relocating the relay and/or remote base station until they are within a 20dB SNR range of the main (and for the remote, of the relay). -
EEM- Email alert with IP SLA Based on Packet Loss
hi joseph,
i need your advise, i want to get alert email based on IP SLA Packet loss
the scenarion as below :
1. If the traffic hit threshold packet loss greater than 20% as long 15 minutes --> send email
2. If reset condition packet loss eq 0% as long 15 minutes --> send email again
I don't know how to configure it condition. could you help me to verify my configuration below?
ip sla logging traps
ip sla 1
icmp-jitter 10.216.0.105 source-ip 10.216.0.107 num-packets 100 interval 40
frequency 50
ip sla schedule 1 life forever start-time now
ip sla reaction-configuration 1 react Packetloss threshold-value 3 1 threshold-type immediate action-type trapOnly
ip sla enable reaction-alerts
event manager applet TEST
event syslog pattern "IP SLAs\(1\): Threshold exceeded"
action 2.0 mail server "10.240.0.10" to "[email protected]" from "[email protected]" subject "Alert for Intermittent Link" body "link intermittent in x %"
thank youWhat's you have could work with a few modifications. First, increase that threshold-value of 3 to 20. You can leave the falling threshold value of 1. You'll need to add another applet to match the falling threshold syslog message. Not sure exactly what that one will look like.
The first applet will look like this:
event manager environment q "
event manager applet ipsla-threshold-exceeded
event syslog pattern "IP SLAs\(1\): Threshold exceeded"
action 001 cli command "enable"
action 002 cli command "config t"
action 003 cli command "no event manager applet ipsla-healthy"
action 004 cli command "event manager applet ipsla-unhealthy"
action 005 cli command "event timer countdown time 900"
action 006 cli command "action 1.0 mail server $q 10.240.0.10$q to $q [email protected]$q from $q [email protected]$q subject $q Alert for Intermittent Link$q body $q link intermittent in 20 %$q"
action 007 cli command "action 2.0 cli command enable"
action 008 cli command "action 3.0 cli command $q config t$q"
action 009 cli command "action 4.0 cli command $q no event manager applet ipsla-unhealthy$q"
action 010 cli command "action 5.0 cli command end"
action 011 cli command "end"
And the second applet (the one where you'll need to fill in the appropriate syslog pattern) will look like:
event manager applet ipsla-threshold-normal
event syslog pattern "FALLING THRESHOLD PATTERN HERE"
action 001 cli command "enable"
action 002 cli command "config t"
action 003 cli command "no event manager applet ipsla-unhealthy"
action 004 cli command "event manager applet ipsla-healthy"
action 005 cli command "event timer countdown time 900"
action 006 cli command "action 1.0 mail server $q 10.240.0.10$q to $q [email protected]$q from $q [email protected]$q subject $q Link is stable$q body $q Link has been stable for 15 minutes$q"
action 007 cli command "action 2.0 cli command enable"
action 008 cli command "action 3.0 cli command $q config t$q"
action 009 cli command "action 4.0 cli command $q no event manager applet ipsla-healthy$q"
action 010 cli command "action 5.0 cli command end"
action 011 cli command "end" -
NIC teaming creates packet loss (Windows 2008 R2)?
I'm experiencing some packet loss to all of our VMs that we didn't have before we made some changes to our Hyper-V implementation (Windows 2008 R2). Most of the VMs also run 2008 R2 - with 3 that run Server 2003.
The host server is a Dell R610 with three 4 port NICS - two Intel quad port gigabit and a quad port Broadcom.
We us the individual ports of the Broadcom for host management and live migration - no problems here. We use the Intel cards for both iSCSI and VM networks. Calling the two intel cards “A” and “B”, and the ports P1-4 we've used AP1, AP2, BP1, BP2 (ports
1 & 2 of both Intel NICs) for iSCSI connections, and we've created a NIC Team with AP3, AP4, BP3, and BP4 (ports 3 and 4 of both Intel NICs). The team type is "Virtual Machine Load Balancing". We then created a Hyper-V switch based on this team
for use with all of the VMs created on the host. (as a side note: prior to implementing the NIC team, we just had 4 Hyper-V switches, one associated with each of these 4 ports.)
The 4 ports of the NIC team are connected to two different Cisco SG200 switches - AP3 and BP3 are connected to switch1, and AP4 and BP4 are connected to switch2 (in an attempt to maximize redundancy). The two Cisco SG200s are simply connected to the rest
of our network - each to a different switch within the subnet. There is minimal configuration done to the SG200s (for example NO
link aggregation); spanning tree is enable however.
My question is: can the network cables be connected to different switches (as they currently are) and if so is there some configuration piece (either on the switch or within Windows) that I'm missing?
What are the options here if this configuration is incorrect? The packet loss is in the range of 0.1%, but we've had odd spikes where a VM was essentially unavailable for a brief period (a few minutes) then returned to "normal" (0,1% loss).
Pinging a device (like the SG200 itself) or another physical server (for example our domain controller or the hyper-v host itself) results in essentially 0 loss; maybe one or two packets during the course of a 12 hour ping (this was the “normal” ping
response to VMs before we created the NIC team, so I’m quite sure this has something to do with it).
Thanks in advance!I believe when utilizing the Virtual Machine Load Balancing the ports must be connected to the same switch, stack, or chassis as the arp for the MAC could move. I believe, although I could be wrong, that the outages you see is when the machine "moves"
between ports and the arp being updated between the two switches.
I believe you are looking for switch fault tolerance teaming which will allow for the failure of adapter, cabling, or switch which will achieve your goal of maximum redundancy. This is achieved via spanning tree on the switches, which you indicated
is already configured.
Maybe you are looking for
-
Reading a file and put it in a String
I have a file and I want to put its rows in an array of strings I've done that File file = new File("./arguments/tabsArguments.txt"); FileReader fileReader = new FileReader(file); String mystring; fileReader.read(mystring,0,20); for (int i=0;i<i_stri
-
Dynamic Table - Add rows and columns in same table
Hi there, I wonder if someone could help please? I'm trying to create and table where a user can add both rows and columns (preferably with separate buttons) but am having trouble trying to figure out how to do this. Is it possible? If so how? I'm no
-
Hi All, I am new apps DBA, Below query is giving - > 1 - Select NOTIFICATION_ID, MESSAGE_TYPE, MESSAGE_NAME, STATUS, MAIL_STATUS, FROM_USER, TO_USER from wf_notifications where MAIL_STATUS='FAILED'; STATUS (open and closed) and MAIL_STATUS faield. Pl
-
Spotlight can't find custom label
spotlight can't find custom labels and also custom labels, could someone know solution? IOS8.1, iphone 6
-
Downloading in Melbourne...Australia. YAY
I simply closed itunes and reopened to find it after the update button! GO GO GO