How to simulate packet loss in TCP?

Similar Messages

• How to watch packets in a TCP/IP stream

  hi
  can anyone tell me how to watch packets in a TCP/IP stream using jpcap??

  You could read the JPCAP documentation... it surely has one.

• Verizon FIOS Intermitte​nt Packet Loss Problem - How to Convince Verizon Support it's NOT ME

  Hi,
  I have been having a problem with Verizon FIOS Internet AND Phone since Thursday afternoon.
  Basically I have intermittent outages several times a day of 15-40 seconds where my download doesn't work, but upload still does. This happens on BOTH my phone and internet. Therefore it's not my router or computer equipment causing the problem.
  Here's what happens:
  - On the internet: I have a periodic download problem where I can receive no data for about 15 - 40 seconds. After that it returns to normal
  - On the phone: If I'm on the phone at the same time then during that period of internet loss I also can not hear anything that the person I am talking to says. However they can hear me just fine (ie. download only problem)
  I have been talking to Verizon technical support and they have blamed my router and ONT. I have tried switching off the router, and using a different one. Also they have replaced the ONT twice.
  * This problem occurs on BOTH the phone and internet at the same time. This clearly suggests the problem is not in my own house.
  In fact I know exactly where the problem lies. I did a traceroute to google below:
  Tracing route to google.com [74.125.113.106]
  over a maximum of 30 hops:
    1     4 ms     1 ms    <1 ms  192.168.1.1
    2     5 ms     4 ms     4 ms  L300.NWRKNJ-VFTTP-122.verizon-gni.net [74.105.157.1]
    3     9 ms     8 ms     7 ms  G2-0-0-1822.NWRKNJ-LCR-08.verizon-gni.net [130.81.133.156]
    4    11 ms     8 ms     7 ms  P15-0.NWRKNJ-LCR-07.verizon-gni.net [130.81.30.148]
    5     9 ms     6 ms     7 ms  so-5-0-0-0.NWRK-BB-RTR1.verizon-gni.net [130.81.29.8]
    6     7 ms     6 ms     7 ms  0.so-7-0-0.XL3.EWR6.ALTER.NET [152.63.19.177]
    7     9 ms    10 ms     9 ms  0.so-1-0-1.XL3.NYC4.ALTER.NET [152.63.0.213]
    8     9 ms     9 ms     9 ms  TenGigE0-6-0-0.GW8.NYC4.ALTER.NET [152.63.22.41]
    9    33 ms    31 ms    35 ms  google-gw.customer.alter.net [152.179.72.62]
   10     8 ms    11 ms    10 ms  209.85.252.215
   11    18 ms    17 ms    16 ms  209.85.249.11
   12    31 ms    29 ms    29 ms  209.85.241.222
   13    30 ms    29 ms    29 ms  209.85.241.207
   14    41 ms    39 ms    34 ms  209.85.243.1
   15    27 ms    27 ms    29 ms  vw-in-f106.1e100.net [74.125.113.106]
  Trace complete.
  Then I pinged each device for hops 2-4. When the problem occurs the first one in the hop - 74.105.157.1 - runs fine. The second device - 130.81.133.156 - times out, and all other devices further down the chain time out. This clearly suggest that the device:
  130.81.133.156 has major problems.
  I have mentioned this to tech support, but they have no way for me to send them logs. Apparently the support technicians at Verizon can not be trusted with even the most basic of tools like email and the web. They also shield me from the NT (Network technician), who is so special that even the tech support guys are only allowed to text chat with him, not actually talk to him. I have enough logs here to clearly show what the problem is.
  The latest from tech support is that they are sending yet another guy by my house tomorrow to witness this problem firsthand. Then he will call support that will text chat with the NT, and MAYBE they'll start thinking it's not me.
  My main question here is: "How do I get Verizon to believe it really could be a problem in their own network?"
  Here are some threads from last year that explain exactly the same problem I'm having. So it wasn't just me:
  http://forums.verizon.com/t5/FiOS-TV-Technical-Ass​istance/Verizon-FIOS-intermittent-connection-drops​...
  http://forums.verizon.com/t5/FiOS-Internet/Intermi​ttent-Network-Timeouts/m-p/28138
  One person said Verizon finally fixed it by replacing a PON card. I'm not sure if this is the same problem as that though.
  I am an avid Starcraft player and this is driving me crazy because I am getting dropped from my games all the time. Also phone conversations suck when there's these big lags where I can't hear who I'm talking to.
  I have had Verizon FIOS internet for 3 years now and this is the first problem I've ever had with it. But I'm starting to get majorly frustrated at how long it's taking to resolve the problem.
  Here is a sample of the ping logs I was talking about for different devices all at the same time.
  Device 2 in the Trace Route:
  Reply from 74.105.157.1: bytes=32 time=78ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=57ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=41ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=35ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=34ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=41ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=43ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=59ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=24ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=48ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=5ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=5ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=5ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=4ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=3ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=20ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=19ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=18ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=17ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=17ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=17ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=17ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=37ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=17ms TTL=126
  Reply from 74.105.157.1: bytes=32 time=16ms TTL=126
  Device 3 in the Trace Route:
  Reply from 130.81.133.156: bytes=32 time=7ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=7ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=10ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=9ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=10ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=13ms TTL=253
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=7ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=6ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=8ms TTL=253
  Reply from 130.81.133.156: bytes=32 time=14ms TTL=253
  Device 4 in the Trace Route:
  Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=7ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=6ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=7ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=7ms TTL=252
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Request timed out.
  Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=7ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=6ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=8ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=7ms TTL=252
  Reply from 130.81.30.148: bytes=32 time=6ms TTL=252
  Any help, thoughts, suggestions, etc would be great appreciated!
  ~David

  I understand your logic, but you have not eliminated 74.105.157.1 as the problem.  It could be allowing packets out, like outside callers hearing you, but not allow them back in. Since you have results pinging out, trying ping back in. Use this packet loss tool.  You do not need to catch it when it's not working because this tool will ping your IP address (and all the hops in between) for up to 7 days. You will easily see when packet loss is occurring.
  If it can successfully ping 74.105.157.1 when the problem occurrs, then 130.81.133.156 is not the issue. This may not help dealing with the personalities at Verizon, but it will help definitively knowing which device is the issue.

• How do I fix 100% packet loss?

  I have an 8mb connect but i roughly get like 4-5mb. I think i have the homehub version 1 or 1.5.
  When i search for servers on Counter Strike Source and team fortress the whole interenet just resets and no servers found. I posted on the steam forums and they said it wass to do with packet loss.
  I tried to test for packet loss on http://freeola.com/line-test/ and it says i have 100% packet loss then i tried on http://pingtest.net/ and it was unable to test for packet loss.
  How do i fix 100% packet loss?

  matrixrory wrote:
  I have an 8mb connect but i roughly get like 4-5mb. I think i have the homehub version 1 or 1.5.
  When i search for servers on Counter Strike Source and team fortress the whole interenet just resets and no servers found. I posted on the steam forums and they said it wass to do with packet loss.
  I tried to test for packet loss on http://freeola.com/line-test/ and it says i have 100% packet loss then i tried on http://pingtest.net/ and it was unable to test for packet loss.
  How do i fix 100% packet loss?
  Hi. Welcome to the forums.
  I tried both, and the freeola one failed with 100% packet loss, but the pingtest site returned 0% packet loss.
  I expect the former is being blocked by firewall/router as expected.
  Seems like they aren't quite doing the same thing.
  http://www.andyweb.co.uk/shortcuts
  http://www.andyweb.co.uk/pictures

• CSCub04965 - TCP Session hung causing Packet loss

  FYI - We have experienced this problem in the 2951 router running 15.1(4) IOS.

  I located the issue of the packet loss. I have a security system that uploads FTP images of the cameras and after the reboot of the network, the only computer that wasn't shut down was the security camera PC.
  So I think what happened was after I brought everything back up, it was saturating the outgoing bandwidth, causing packet loss and high latency. Once I determined what it was and shut off the FTP image upload, the pings stabilized and it is working fine now. Trace routes are still not functioning, but I can live without that for now.

• E4200 - terrible G-only speed, packet loss and throughput variation

  Got this router today, was disappointed to see it fail simple performance tests using wireless G on out-of-the-box firmware 1.0.0.1 and after upgrading to 1.0.0.2.
  I tried mixed/G/G+B modes, optimal positioning of the router, manual channels 1,5,6,11 and auto channel, security disabled and 5Ghz disabled, rebooting and power cycling - no difference. I also went on to try a total of 3 different laptops again with no difference (they have Atheros, Realtek and Intel chipsets, all 802.11g, no 802.11n)
  Uplink and downlink speeds from WLAN to LAN are consistenly poor (tested using Jperf and Qcheck), with uplink to the router being consistently worse. For example, at my favoured location a few metres from the router with very good signal strength, an Orange Livebox 1.2 (or 'Livebox Mini', which is a standard ISP provided router here in the UK) gives rock solid 22Mbps up and down, a humble Sagem 2504N gives rock solid 21Mbps up and down, the E4200 gives about 11Mbps up and 13Mbps down, even though signal strength at this location as reported by Inssider is in fact highest from the E4200. Wherever I try it, like for like, the E4200 throughput underperforms massively for any wireless router let alone a top-of-the-range model. Even right next to the router, I only seem to get an average of about 18Mbps down, not the full 22Mbps I would expect from 802.11g.
  I also see great throughput variation on these tests. So, I ran ping tests from the cmd line (from wireless to a wired computer on the E4200), and sure enough there is packet loss. There is no packet loss on any of my other routers. I also put the E4200 into bridge mode and used it as a wireless access point to another router, again there was packet loss and throughput variation. Coming here to post, I saw some other threads about packet loss, I can confirm I am another user seeing the same thing.
  Comments/comparisons/ideas for fixes welcome, but I'm sorry to say, this router is obviously going back.

  Thanks, but Cisco Connect did not help.
  I am using this router as a wireless access point, without connecting a modem to the WAN port. Cisco Connect did not like this one bit and would not proceed because it could not detect an Internet Connection. It then tried to send a report of why installation had failed over the internet
  Not that I should have to use Cisco Connect to avoid packet loss and extremely poor speeds anyway! Nothing I have seen in the Linksys documentation or during setup suggests it will alter performance so I don't know how it would help anyway  (the router page only warned that configuring manually meant my network could be left unsecured).
  I don't know what the speed tests are through Cisco Connect, because I cannot install it and I can't find a user guide to the software, not even on the installation disc. I don't see how these speed tests will change anything though, how can they give meaningful, different results of a simple TCP throughput test, as I performed using Jperf/Iperf and IxChariot.

• Packets Loss Correction in RTP video transmission

  Hi to all,
  I have to write a program for video streaming between PCs and for this purpose I use the JMF/RTP.
  To simulate the packets loss I use a specific program on another PC linked between the Server and the Client.
  How could I use like "error-correcting code" for the packets recovery?
  Exist some code or libraries that support this system?
  Thank you in advantage.

  UP

• Excessive Packet Loss 1.87 Mb/s Down 39.63 Mb/s Up - 90.19% limited?

  Hello everyone, my name is Sherri.  I became a Fios Internet 50/25 subscriber 4 days ago.  For the first 24 hours speedtest.verizon.net was giving me as much as a 60/30 speed results.  The next morning I noticed web pages taking abnormally long to load (even google.com), so I decided to check my speed again and am now getting as low as 1MB/s download wired or wirelessly.  My upload remains unaffected but browsing can get so slow it's almost unusable.  Any large downloads I try end up failing (i.e. cyanogenmod nightlies).  This has been going on for the past 3 days on all of my devices (android, PC, Macbook).
  How can I check if this is a fixable problem on my end or if it's a problem with Fios in my area that I just need to wait out?  I called tech support and they just want to send me a new router, but if it was the router wouldn't my upload be affected as well?
  Network diagnostic tool:
  Checking for Middleboxes . . . . . . . . . . . . . . . . . . Done
  SendBufferSize set to [131768]
  running 10s outbound test (client to server) . . . . . 39.63Mb/s
  running 10s inbound test (server to client) . . . . . . 1.87Mb/s
  ------ Client System Details ------
  OS data&colon; Name = Mac OS X, Architecture = x86_64, Version = 10.8.4
  Java data&colon; Vendor = Oracle Corporation, Version = 1.7.0_25
  ------ Web100 Detailed Analysis ------
  Client Receive Window detected at 131760 bytes.
  100 Mbps FastEthernet link found.
  Link set to Full Duplex mode
  Information: throughput is limited by other network traffic.
  Good network cable(s) found
  Normal duplex operation found.
  Web100 reports the Round trip time = 11.77 msec; the Packet size = 1448 Bytes; and 
  There were 169 packets retransmitted, 493 duplicate acks received, and 554 SACK blocks received
  The connection stalled 17 times due to packet loss
  The connection was idle 3.65 seconds (30.41%) of the time
  This connection is sender limited 9.81% of the time.
  This connection is network limited 90.19% of the time.
  Excessive packet loss is impacting your performance, check the auto-negotiate function on your local PC and network switch
  Web100 reports TCP negotiated the optional Performance Settings to: 
  RFC 2018 Selective Acknowledgment: ON
  RFC 896 Nagle Algorithm: ON
  RFC 3168 Explicit Congestion Notification: OFF
  RFC 1323 Time Stamping: ON
  RFC 1323 Window Scaling: ON
  Information: Network Middlebox is modifying MSS variable
  Server IP addresses are preserved End-to-End
  Client IP address not found. For IE users, modify the Java parameters
  click Tools - Internet Options - Security - Custom Level, scroll down to
  Microsoft VM - Java permissions and click Custom, click Java Custom Settings
  Edit Permissions - Access to all Network Addresses, click Eanble and save changes
  Any help would be appreciated!  Aside from the internet, I'm really happy with Fios TV .  The customer service rep credited me the internet cost for this month because of my issues and for that I am very thankful!  but... I would still like to get this fixed as soon as possible.
  Things I've tried:
  resetting ONT
  Forced firmware upgrade and router reset
  Verizon reset my service and gave me a new IP

  By the way, I agree with sybrand: you need to tune
  your redo log size.
  Regards
  Ignacio
  http://oracledisect.blogspot.com
  Ignacio,
  The excessive waits on log file parallel write and the related client wait of log file sync may be due to insufficient CPU availability, and may not point at an actual redo log size problem or a problem with the disk speed where the redo is written to disk, especially if there are 3 Oracle instances on the server with a single CPU.
  Paraphrased from "Optimizing Oracle Performance":
  The log file sync wait event is one of the first events to show increased latencies due to the time a process spends waiting in a CPU wait queue while processing excessive logical IOs.
  Kevin Closson wrote a couple blog entries that examined the potential problems of insufficient CPU capacity and its effects on log file parallel write when writing to solid state disks, and even when writing redo was explicitly disabled:
  http://kevinclosson.wordpress.com/2007/07/21/manly-men-only-use-solid-state-disk-for-redo-logging-lgwr-io-is-simple-but-not-lgwr-processing/
  "Once LGWR loses his CPU it may be quite some time until he gets it back. For instance, if LGWR is preempted in the middle of trying to perform a redo buffer flush, there may be several time slices of execution for other processes before LGWR gets back on CPU..." Fix the CPU problem, and the other significant waits may decrease.
  JesusLuvR,
  yingkuan's suggestion to look at the SQL statement that performs the 4,365,564 logical IOs, consumes 186.03 CPU seconds, and has an execution time of 225.06 seconds, is likely a very good starting point. You might also want to check the value of the SESSION_CACHED_CURSORS parameter to see if it needs to be adjusted.
  Charles Hooper
  IT Manager/Oracle DBA
  K&M Machine-Fabricating, Inc.

• Consistent packet loss just a few hops into Verizon's network

  I have had consistent packet loss just a few hops into Verizon's network for some time. I have tried the normal things like rebooting routers and releasing my ip address but none of that helps. Most routes do not have an issue, but there is one particular service in Verizon's network which I have issues with, and it happens to be the server that Verizon routes me through when I am gaming online.
  The server is : G0-3-3-6.RCMDVA-LCR-22.verizon-gni.net (130.81.191.80) and I average around 50% packet loss each night. It is just the second hop into my route:
  1) My Router Internal IP
  2) L100.RCMDVA-VFTTP-16.verizon-gni.net (98.117.88.1) with a ping of 9 and 0 packet loss
  3) G0-3-3-6.RCMDVA-LCR-22.verizon-gni.net (130.81.191.80)  with a ping of 15 and 50-80% packet loss.
  How can I get Verizon to stop routing me through this troublesome server? If I look at the route to goggle.com for example, I don't go through that server and there is no packet loss at all.

  mrballcb wrote:
  Since it's a congested link, you also should be aware that ICMP (what ping and traceroute use) become nearly useless for determining packet loss.  A router backplane assigns a grade to every packet that wants to cross from one network connection to another, and ICMP typically is assigned low grade/value.  So when a router is congested and needing to drop packets, ICMP is one of the first ones to get dropped.  Less than 1% of your TCP traffic may be having problems, but ICMP failure might be greater than 50%.  Find a traceroute program that can use TCP to do the traceroute for more accurate results.  I'm not a Windows guy, so I have no clue what programs you have which can do this.
  On my Linux/Unix computer, I use tcptraceroute
  On a Windows computer, you need to download and install tracetcp.
  If you are the original poster (OP) and your issue is solved, please remember to click the "Solution?" button so that others can more easily find it. If anyone has been helpful to you, please show your appreciation by clicking the "Kudos" button.

• Terrible Packet Loss in Game- Please help!

  Computing statistics for 100 seconds...
  Source to Here This Node/Link
  Hop RTT Lost/Sent = Pct Lost/Sent = Pct Address
  0 Sam-PC.home [192.168.1.5]
  0/ 25 = 0% |
  1 2ms 0/ 25 = 0% 0/ 25 = 0% Wireless_Broadband_Router.home [192.168.1.1]
  1/ 25 = 4% |
  2 13ms 1/ 25 = 4% 0/ 25 = 0% L100.WASHDC-VFTTP-126.verizon-gni.net [173.66.228.1]
  0/ 25 = 0% |
  3 11ms 1/ 25 = 4% 0/ 25 = 0% G1-5-0-4.WASHDC-LCR-21.verizon-gni.net [130.81.213.68]
  0/ 25 = 0% |
  4 20ms 1/ 25 = 4% 0/ 25 = 0% so-12-1-0-0.RES-BB-RTR1.verizon-gni.net [130.81.151.230]
  0/ 25 = 0% |
  5 12ms 1/ 25 = 4% 0/ 25 = 0% 0.xe-8-0-0.BR2.IAD8.ALTER.NET [152.63.38.129]
  0/ 25 = 0% |
  6 34ms 1/ 25 = 4% 0/ 25 = 0% ae17.edge1.washingtondc12.level3.net [4.68.62.137]
  0/ 25 = 0% |
  7 33ms 2/ 25 = 8% 1/ 25 = 4% vl-3503-ve-117.ebr1.Washington12.Level3.net [4.69.158.26]
  0/ 25 = 0% |
  8 29ms 3/ 25 = 12% 2/ 25 = 8% ae-6-6.ebr1.Atlanta2.Level3.net [4.69.148.105]
  0/ 25 = 0% |
  9 30ms 2/ 25 = 8% 1/ 25 = 4% ae-63-63.ebr3.Atlanta2.Level3.net [4.69.148.241]
  0/ 25 = 0% |
  10 50ms 1/ 25 = 4% 0/ 25 = 0% ae-7-7.ebr3.Dallas1.Level3.net [4.69.134.21]
  1/ 25 = 4% |
  11 56ms 2/ 25 = 8% 0/ 25 = 0% ae-63-63.csw1.Dallas1.Level3.net [4.69.151.133]
  0/ 25 = 0% |
  12 54ms 2/ 25 = 8% 0/ 25 = 0% ae-1-60.edge2.Dallas1.Level3.net [4.69.145.11]
  0/ 25 = 0% |
  13 54ms 2/ 25 = 8% 0/ 25 = 0% 4.59.197.34
  1/ 25 = 4% |
  14 50ms 3/ 25 = 12% 0/ 25 = 0% 64.25.32.9
  0/ 25 = 0% |
  15 --- 25/ 25 =100% 22/ 25 = 88% 64.25.32.26
  0/ 25 = 0% |
  16 48ms 3/ 25 = 12% 0/ 25 = 0% 64.25.39.1
  These are the results of a test I ran, but I don't know how to solve the problem. The game is unplayable because of the amount of packet loss. I know it is an issue of connection between the game and my router, so should I get a new router if mine is old?

  The router I would imagine to be okay for the first bit, but for the sake of things, reboot the router and also try giving your ONT a reboot by unplugging it from AC power and then disconnecting the battery. Re-connect it after 30 seconds by connecting the battery and then plugging it back into AC power.
  Also, see if the packet loss takes place during specific times of the day. If your router has a WAN connection over Coax (rather than an Ethernet connection) to your ONT, also consider checking your MoCa speeds based on this FAQ. Poor MoCa speeds can suggest shoddy coaxial causing some issues, too: https://secure.dslreports.com/faq/verizonfios/3.2_MOCA#16569
  ========
  The first to bring me 1Gbps Fiber for $30/m wins!

• WIFI Packet Loss/Jitter MacBook Air 11 & LION OSX 10.7.1

  I started using computers more than 30 years ago when I was 5, I had my first IBM PC at the age of 10 and have never had any interest in paying over the odds for an Apple mac mainly because I saw the Mac as a kind of "Can't open nothing", one mouse buttoned retard of the computer world.
  That is, until now.
  I set up an online business 3 years ago and rented a dedicated server and set the whole business up in a cloud, so to speak. Having done that, all I needed a laptop for was a remote desktop connection and to run a SIP phone (Internet phone).
  My PC based laptops had almost nothing installed on them, and I wasn't using software on the laptop itself, I was using remote desktop, so - why not try a MAC? The new Macbook Air 11 is small, light and made of metal and glass so should be robust enough to travel with me.
  I have to say, this was the worst move I've ever made.
  I opened the new shiny macbook and the first thing I noticed was that the internet seemed hit and miss. Moving around the room I managed to find a spot whereby pages woud load quickly. Strange, my £200 acer laptop was sh.t fast everywhere in the house. No matter, I packed it back away and carried on working on the Windows machine.
  I've come to Newquay this week, and i've started to try and use the Macbook again in a hotel. The wireless signal in the room is low, and speedtest shows about 1 meg down and 3/4 meg up. That may sound bad to you, but remote desktop uses about 5k/sec (modem dial up speed) and the softphone, well, my Asterisk VOIP setup is confugured to use the GSM codec so that's 8k/sec each way + overheads.
  This whole setup was deliberately designed to be "thin" so I can travel with ease and work on bad connections like USB internet sticks.
  Anyhow, the Macbook was unable to hold a stable connection to the remote desktop or SIP phone, even though the speed test showed a whopping 1 meg up and down. What you may not be aware of is that there is more to a connection than the speed, there is the quality as well. How many packets are lost / how much "jitter" is on the line.
  Anyhow, we're not living in the 3rd world, I ran a PINGTEST and it showed a small amount of jitter but told me the line was class B, online games may suffer but voip should be fine.
  I unpacked the Acer, placed it in exactly the same spot as the Apple had sat in and it worked beautifully with 1 bar of wireless signal, all day long. Phone calls were clear.
  So you know now what I'm thinking. I'm sitting here with my £200 acer because I can't use the £1500 macbook air 11. I paid nearly sixteen hundred pounds for this piece of .... and it doesn't ...... work. Time to contact Apple support.
  2nd Mistake!
  Representitive 1: - Told me that I can't compare the Macbook Air to the Acer, the Acer has Google Chrome and everybody knows Google Chrome is the fastest browser. I was told there was nothing more he could do, its probably a bad line at the hotel. When I explained the Acer works fine for voip I was told well, maybe it is getting a better signal. I explained the Acer has the cheapest possible parts inside it and paid 1500 for this macbook, expecting it to have quality parts inside and was told I'd paid for the size, because its so small but its not considered "powerful". Apple do you train your staff? Clearly not.
  Thank god I wasn't paying to talk to this moron.
  Representitive 2: - Had no idea what packet loss or Jitter was, got me to do a speedtest and said that looks fine. Then he got me to remove the WIFI adapter and re add it in the network settings.
  Guess what, nothing changed, its still the same hardware and software.
  Representitive 3: - Still not really understanding "quality" issues with the networking interface, I was asked to install the latest Java client. I did it, only because I wanted to comply with Apples wishes so they'd help me, but they weren't helping and Java has nothing to do with the network adapter, so that was useless advice too.
  Apple seem to have no idea there is a problem, even though Google has pages and pages of people saying the same as me, and their own discussion forums have thousands of people complaining https://discussions.apple.com/thread/2664670?start=0&tstart=0
  Finally, late yesterday whilst speaking to d.ck head number 3 at Apple support, we found a forum post talking about a fix, 10.7.1 update. I told d. head number 3 about the update and he suggested I applied it. So I did and everything looked great, for a whole evening.
  This morning, I switched on again and the same thing, slow remote desktop, choppy unusable phone. Remember the phone needs less than 20k for a conversation, thats 0.2 meg. Speedtest again showing a whole meg both ways.
  I called apple support again, this time being a little forceful, and I've asked for this to be escalated, but the bottom line is - they have no fix, they don't aknowledge this as a problem and I was told LION is new, so maybe it's got a bug..
  I told the guy on the phone this is a network driver issue, the intermittency of the problem shows that and the Apple's lack of settings for the network adapter means the unit is autonegotiating with the router and choosing speed and duplex settings on its own. Sometimes it does that correctly, other times not and the connection although fast has a lot of noise / packet loss / corruption.
  I've found a workaround, you put the unit to sleep and wake it up again and it runs fast until the next shutdown. Not really acceptable seeing as I was paying for "the cream of the crop".
  I will definately not be recommending Apple products, and i'll certainly not be replacing the Windows laptops in my business with Apple's toytown system- i'd go out of business if I had to rely on this.
  All there is left now, is to look at Boot camp and see if I can wipe this waste of space linux hack from the unit and install Windows 7.

  I started using computers more than 30 years ago when I was 5, I had my first IBM PC at the age of 10 and have never had any interest in paying over the odds for an Apple mac mainly because I saw the Mac as a kind of "Can't open nothing", one mouse buttoned retard of the computer world.
  That is, until now.
  I set up an online business 3 years ago and rented a dedicated server and set the whole business up in a cloud, so to speak. Having done that, all I needed a laptop for was a remote desktop connection and to run a SIP phone (Internet phone).
  My PC based laptops had almost nothing installed on them, and I wasn't using software on the laptop itself, I was using remote desktop, so - why not try a MAC? The new Macbook Air 11 is small, light and made of metal and glass so should be robust enough to travel with me.
  I have to say, this was the worst move I've ever made.
  I opened the new shiny macbook and the first thing I noticed was that the internet seemed hit and miss. Moving around the room I managed to find a spot whereby pages woud load quickly. Strange, my £200 acer laptop was sh.t fast everywhere in the house. No matter, I packed it back away and carried on working on the Windows machine.
  I've come to Newquay this week, and i've started to try and use the Macbook again in a hotel. The wireless signal in the room is low, and speedtest shows about 1 meg down and 3/4 meg up. That may sound bad to you, but remote desktop uses about 5k/sec (modem dial up speed) and the softphone, well, my Asterisk VOIP setup is confugured to use the GSM codec so that's 8k/sec each way + overheads.
  This whole setup was deliberately designed to be "thin" so I can travel with ease and work on bad connections like USB internet sticks.
  Anyhow, the Macbook was unable to hold a stable connection to the remote desktop or SIP phone, even though the speed test showed a whopping 1 meg up and down. What you may not be aware of is that there is more to a connection than the speed, there is the quality as well. How many packets are lost / how much "jitter" is on the line.
  Anyhow, we're not living in the 3rd world, I ran a PINGTEST and it showed a small amount of jitter but told me the line was class B, online games may suffer but voip should be fine.
  I unpacked the Acer, placed it in exactly the same spot as the Apple had sat in and it worked beautifully with 1 bar of wireless signal, all day long. Phone calls were clear.
  So you know now what I'm thinking. I'm sitting here with my £200 acer because I can't use the £1500 macbook air 11. I paid nearly sixteen hundred pounds for this piece of .... and it doesn't ...... work. Time to contact Apple support.
  2nd Mistake!
  Representitive 1: - Told me that I can't compare the Macbook Air to the Acer, the Acer has Google Chrome and everybody knows Google Chrome is the fastest browser. I was told there was nothing more he could do, its probably a bad line at the hotel. When I explained the Acer works fine for voip I was told well, maybe it is getting a better signal. I explained the Acer has the cheapest possible parts inside it and paid 1500 for this macbook, expecting it to have quality parts inside and was told I'd paid for the size, because its so small but its not considered "powerful". Apple do you train your staff? Clearly not.
  Thank god I wasn't paying to talk to this moron.
  Representitive 2: - Had no idea what packet loss or Jitter was, got me to do a speedtest and said that looks fine. Then he got me to remove the WIFI adapter and re add it in the network settings.
  Guess what, nothing changed, its still the same hardware and software.
  Representitive 3: - Still not really understanding "quality" issues with the networking interface, I was asked to install the latest Java client. I did it, only because I wanted to comply with Apples wishes so they'd help me, but they weren't helping and Java has nothing to do with the network adapter, so that was useless advice too.
  Apple seem to have no idea there is a problem, even though Google has pages and pages of people saying the same as me, and their own discussion forums have thousands of people complaining https://discussions.apple.com/thread/2664670?start=0&tstart=0
  Finally, late yesterday whilst speaking to d.ck head number 3 at Apple support, we found a forum post talking about a fix, 10.7.1 update. I told d. head number 3 about the update and he suggested I applied it. So I did and everything looked great, for a whole evening.
  This morning, I switched on again and the same thing, slow remote desktop, choppy unusable phone. Remember the phone needs less than 20k for a conversation, thats 0.2 meg. Speedtest again showing a whole meg both ways.
  I called apple support again, this time being a little forceful, and I've asked for this to be escalated, but the bottom line is - they have no fix, they don't aknowledge this as a problem and I was told LION is new, so maybe it's got a bug..
  I told the guy on the phone this is a network driver issue, the intermittency of the problem shows that and the Apple's lack of settings for the network adapter means the unit is autonegotiating with the router and choosing speed and duplex settings on its own. Sometimes it does that correctly, other times not and the connection although fast has a lot of noise / packet loss / corruption.
  I've found a workaround, you put the unit to sleep and wake it up again and it runs fast until the next shutdown. Not really acceptable seeing as I was paying for "the cream of the crop".
  I will definately not be recommending Apple products, and i'll certainly not be replacing the Windows laptops in my business with Apple's toytown system- i'd go out of business if I had to rely on this.
  All there is left now, is to look at Boot camp and see if I can wipe this waste of space linux hack from the unit and install Windows 7.

• 7613 Router - Packet-loss on a LAN link between 6704 and ES 2T

  Hi
  After connecting two ends of a 10 Gig LAN Link from a 6704 on one 7613 to a ES 2T on another 7613 , then we have packet loss on that link beyond a specific traffic limit !
  Please note that after changing both boards to ES 2T we have no problem and LAN/WAN mode is also checked . 

  Ash wrote:
  It's dropping pings, you can see that clearly from the above. It's intermittent. Whilst a drop in pings isn't the definitive sign of packetloss, the way in which it's doing it is.
  If it was going to drop it through flooding it simply wouldn't respond at all after the first few. It it was configured to not respond, it simply wouldn't.
  Pings to any external source - (not to the device itself) are also failing intermittently. This indicates that a device along the traffic path is having issues.
  I can screenshot a nice disconnection plug in games, but there's no real need.
  The evidence is there if you know how to interpret it. This needs to be investigated.
  A question for you then!
  What happens when your router gets repeated pings from the same source?
  Does it not block them as a possible DDOS attack?
  The more gamers try this tactic the worse their traces will get & it will more than likely also affect other gamers interested in low latency through these same nodes!
  Check the timings between the true source & destination by all means but please do not
  unnecessarily stress individual points on the main ISP network backbones!
  "I have this awful feeling someone is watching every move I make (one of my pet hates is router location tagging)." Marvin (A paranoid Android)

• Tons of packet loss and Verizon techs say its fine

  As you can see from the below test ran from dslreports.com, I'm having a lot of packet loss issues. This has been going on for nearly two weeks now and tech support has been more of an annoyance than a help upto this point. I've talked to tech support at least 5 times only to be told my line test comes back fine, its normal, reset your modem, delete your cookies, is your pc old, etc. I've even had them vpn itno my system and run pings and they see the packet loss and all the issues I'm having first hand and still  say it isn't a big deal. On more than one occasion I've had my modem data light just flashing and had to reset the modem and they suggest I just buy a new modem. Seriously, is this how bad tech support has gotten?
  I've shown them test after test after test and the all come back pretty much the same... The thing is its been perfect for years and suddenly this and its like tech support wants to sweep it under the rug or something.  I've had it suggested to me the packet loss and high pings when I'm not getting the packet loss is due to my pool being over populated.  Like I'm ow getting ping averages of 250-300 instead of 30-40s, again when its not all timing out.
  I've posted over on the dslreports forums asking about this as well as in the Verizon specific forums to the techs all with 0 replies from anything and was told to come here and see if anyone would be able to help.
  I really not bother with the hassle of switching isps as ive been a loyal Verizon dsl customer for well over 5 years but at this point just knowing how bad tech support is alone might make me want to.
  Can anyone offer any insight on what else to do or help on this possibly?
  Thanks.
  Test Loss Min
  Latency Avg
  Latency Max
  Latency Pass
  Fail Simple ping loss check
  10secs of 40byte packets 2 per second 5% loss 137ms 141ms 148ms
  warn low bandwidth stream
  10secs of 56k/bit ping stream 512byte packets 6% loss 142ms 147ms 154ms
  warn medium bandwidth stream
  10secs of 128k/bit ping stream 512byte packets 2% loss 140ms 147ms 173ms
  pass your first hop ping
  stream of 40byte pings to 130.81.44.101 4% loss 118ms You are 19ms
  to your first hop
  pass Ping plot:
  Ping plot:
  From East Coast - USA to YOU Hop Host LOSS Rcv Sent Best Avg Worst 0 ae-2.bb-b.slr.lxa.us.oneandone.net 0% 60 60 0.46 2.29 59.98 1 te-2-1.bb-b.ms.mkc.us.oneandone.net 0% 60 60 0.92 1.89 36.10 2 64.209.105.233 0% 60 60 13.97 41.38 948.69 3 0.xe-8-2-0.BR3.CHI13.ALTER.NET 0% 60 60 26.13 30.80 80.28 4 0.ae3.CHI01-BB-RTR1.verizon-gni.NET 0% 60 60 26.49 27.84 88.62 5 P15-3.RONKVA-LCR-01.verizon-gni.net 0% 60 60 54.25 55.01 56.32 6 P0-0.RONKVA-RONKVALK-ERXG02.verizon-gni.net 0% 60 60 116.80 121.05 130.35 7 pool-71-171-24-94.nwrknj.east.verizon.net 14% 52 60 142.49 147.61 169.10 (fail) From West Coast - USA to YOU Hop Host LOSS Rcv Sent Best Avg Worst 0 unknown.Level3.net 2% 59 60 0.64 16.67 150.86 1 ae-4-99.edge1.SanJose3.Level3.net 4% 58 60 1.15 5.12 59.35 2 4.68.63.146 0% 60 60 1.25 3.31 55.27 3 0.ae3.XL3.SJC7.ALTER.NET 0% 60 60 1.25 1.68 9.80 4 0.ge-6-3-0.XT1.DCA6.ALTER.NET 0% 60 60 75.58 77.85 108.89 5 0.so-4-0-0.RES-BB-RTR1.verizon-gni.net 0% 60 60 75.52 80.78 136.25 6 P15-3.RONKVA-LCR-01.verizon-gni.net 0% 60 60 90.25 91.97 94.08 7 P0-0.RONKVA-RONKVALK-ERXG02.verizon-gni.net 2% 59 60 154.03 159.68 164.42 8 pool-71-171-24-94.nwrknj.east.verizon.net 4% 58 60 175.74 183.27 187.00 (fail)

  As you can see from the below test ran from dslreports.com, I'm having a lot of packet loss issues. This has been going on for nearly two weeks now and tech support has been more of an annoyance than a help upto this point. I've talked to tech support at least 5 times only to be told my line test comes back fine, its normal, reset your modem, delete your cookies, is your pc old, etc. I've even had them vpn itno my system and run pings and they see the packet loss and all the issues I'm having first hand and still  say it isn't a big deal. On more than one occasion I've had my modem data light just flashing and had to reset the modem and they suggest I just buy a new modem. Seriously, is this how bad tech support has gotten?
  I've shown them test after test after test and the all come back pretty much the same... The thing is its been perfect for years and suddenly this and its like tech support wants to sweep it under the rug or something.  I've had it suggested to me the packet loss and high pings when I'm not getting the packet loss is due to my pool being over populated.  Like I'm ow getting ping averages of 250-300 instead of 30-40s, again when its not all timing out.
  I've posted over on the dslreports forums asking about this as well as in the Verizon specific forums to the techs all with 0 replies from anything and was told to come here and see if anyone would be able to help.
  I really not bother with the hassle of switching isps as ive been a loyal Verizon dsl customer for well over 5 years but at this point just knowing how bad tech support is alone might make me want to.
  Can anyone offer any insight on what else to do or help on this possibly?
  Thanks.
  Test Loss Min
  Latency Avg
  Latency Max
  Latency Pass
  Fail Simple ping loss check
  10secs of 40byte packets 2 per second 5% loss 137ms 141ms 148ms
  warn low bandwidth stream
  10secs of 56k/bit ping stream 512byte packets 6% loss 142ms 147ms 154ms
  warn medium bandwidth stream
  10secs of 128k/bit ping stream 512byte packets 2% loss 140ms 147ms 173ms
  pass your first hop ping
  stream of 40byte pings to 130.81.44.101 4% loss 118ms You are 19ms
  to your first hop
  pass Ping plot:
  Ping plot:
  From East Coast - USA to YOU Hop Host LOSS Rcv Sent Best Avg Worst 0 ae-2.bb-b.slr.lxa.us.oneandone.net 0% 60 60 0.46 2.29 59.98 1 te-2-1.bb-b.ms.mkc.us.oneandone.net 0% 60 60 0.92 1.89 36.10 2 64.209.105.233 0% 60 60 13.97 41.38 948.69 3 0.xe-8-2-0.BR3.CHI13.ALTER.NET 0% 60 60 26.13 30.80 80.28 4 0.ae3.CHI01-BB-RTR1.verizon-gni.NET 0% 60 60 26.49 27.84 88.62 5 P15-3.RONKVA-LCR-01.verizon-gni.net 0% 60 60 54.25 55.01 56.32 6 P0-0.RONKVA-RONKVALK-ERXG02.verizon-gni.net 0% 60 60 116.80 121.05 130.35 7 pool-71-171-24-94.nwrknj.east.verizon.net 14% 52 60 142.49 147.61 169.10 (fail) From West Coast - USA to YOU Hop Host LOSS Rcv Sent Best Avg Worst 0 unknown.Level3.net 2% 59 60 0.64 16.67 150.86 1 ae-4-99.edge1.SanJose3.Level3.net 4% 58 60 1.15 5.12 59.35 2 4.68.63.146 0% 60 60 1.25 3.31 55.27 3 0.ae3.XL3.SJC7.ALTER.NET 0% 60 60 1.25 1.68 9.80 4 0.ge-6-3-0.XT1.DCA6.ALTER.NET 0% 60 60 75.58 77.85 108.89 5 0.so-4-0-0.RES-BB-RTR1.verizon-gni.net 0% 60 60 75.52 80.78 136.25 6 P15-3.RONKVA-LCR-01.verizon-gni.net 0% 60 60 90.25 91.97 94.08 7 P0-0.RONKVA-RONKVALK-ERXG02.verizon-gni.net 2% 59 60 154.03 159.68 164.42 8 pool-71-171-24-94.nwrknj.east.verizon.net 4% 58 60 175.74 183.27 187.00 (fail)

• Packet Loss after Reboot of ASA 5510

  Hi all,
  I have an ASA and a 2811 behind it and I had to replace a battery on a UPS so I had to take down the network to do it. Before doing it the network ran fine, but I did a WR MEM and a Copy RUNNING to STARTUP config thinking that the configs I had were fine. At some point in the past I must of made a change and never applied it and maybe it is causing the issue, but I am at a loss as to what is the cause. I am getting consistent packet loss from the ASA out. Any address I ping on the inside is clear and quick. Also, I do not know if it is related, but I cannot get results from TRACE ROUTES and I believe I used to.
  I have confirmed the PL is related to my network, if I plug the static IP info from the provider in to a laptop, it is clear. I am at my wits end, and I know just enough to be dangerous, so any help would be appreciated.
  Here are my configs:
  ASA5510# sh run
  : Saved
  ASA Version 9.1(4)
  hostname ASA5510
  domain-name m.int
  enable password encrypted
  xlate per-session deny tcp any4 any4
  xlate per-session deny tcp any4 any6
  xlate per-session deny tcp any6 any4
  xlate per-session deny tcp any6 any6
  xlate per-session deny udp any4 any4 eq domain
  xlate per-session deny udp any4 any6 eq domain
  xlate per-session deny udp any6 any4 eq domain
  xlate per-session deny udp any6 any6 eq domain
  passwd  encrypted
  names
  dns-guard
  interface Ethernet0/0
   description LAN Interface
   nameif Inside
   security-level 100
   ip address 10.10.1.1 255.255.255.252
  interface Ethernet0/1
   description WAN Interface
   nameif Outside
   security-level 0
   ip address 68.233.x.x 255.255.255.128
  interface Ethernet0/2
   description DMZ
   nameif DMZ
   security-level 100
   ip address 10.10.0.1 255.255.255.252
  interface Ethernet0/3
   description VOIP
   nameif VOIP
   security-level 100
   ip address 10.10.2.1 255.255.255.252
  interface Management0/0
   management-only
   shutdown
   nameif management
   security-level 0
   no ip address
  boot system disk0:/asa914-k8.bin
  ftp mode passive
  dns domain-lookup Inside
  dns domain-lookup Outside
  dns server-group DefaultDNS
   name-server 8.8.8.8
   name-server 8.8.4.4
   name-server 68.233.xx.5
   name-server 68.233.xx.6
   domain-name m.int
  same-security-traffic permit inter-interface
  object network ROUTER-2811
   host 10.10.1.2
  object network ROUTER-2821
   host 10.10.0.2
  object network WEBCAM-01
   host 192.168.1.5
  object network DNS-SERVER
   host 192.168.1.2
  object network ROUTER-3745
   host 10.10.2.2
  object network RDP-DC1
   host 192.168.1.2
  object network BLUE
   host 192.168.1.6
   description Blue Iris Server
  object network M_LAP_LEA
   host 192.168.1.20
   description Laptop from LEA
  object-group network PAT-SOURCE
   network-object 10.10.1.0 255.255.255.252
   network-object 10.10.0.0 255.255.255.252
   network-object 10.10.2.0 255.255.255.252
   network-object 192.168.0.0 255.255.255.0
   network-object 172.16.10.0 255.255.255.0
   network-object 172.16.20.0 255.255.255.0
   network-object 128.162.1.0 255.255.255.0
   network-object 128.162.10.0 255.255.255.0
   network-object 128.162.20.0 255.255.255.0
   network-object 192.168.1.0 255.255.255.0
   network-object 192.168.10.0 255.255.255.0
   network-object 192.168.20.0 255.255.255.0
   network-object 172.16.1.0 255.255.255.0
   network-object 162.128.1.0 255.255.255.0
   network-object 162.128.10.0 255.255.255.0
   network-object 162.128.20.0 255.255.255.0
   network-object 142.16.1.0 255.255.255.0
   network-object 142.16.10.0 255.255.255.0
   network-object 142.16.20.0 255.255.255.0
  object-group network DM_INLINE_NETWORK_2
   network-object host 98.22.xxx
  object-group network Outside_access_in
  object-group protocol DM_INLINE_PROTOCOL_1
   protocol-object gre
  access-list USERS standard permit 10.10.1.0 255.255.255.0
  access-list Outside_access_in extended permit tcp host 98.22.xxx object ROUTER-2811 eq ssh
  access-list Outside_access_in extended permit tcp host 98.22.xxx object ROUTER-2821 eq ssh
  access-list Outside_access_in extended permit tcp host 98.22.xxx interface Outside eq https
  access-list Outside_access_in extended permit tcp host 98.22.xxx object WEBCAM-01 eq www inactive
  access-list Outside_access_in extended permit tcp host 98.22.xxx object RDP-DC1 eq xxxx
  access-list Outside_access_in extended permit tcp host 98.22.xxx object BLUE eq xxxx
  access-list Outside_access_in extended permit tcp host 98.22.xxx object ROUTER-3745 eq ssh
  access-list Outside_access_in extended permit tcp any object BLUE eq xxxx
  access-list dmz-access-vlan1 extended permit ip 128.162.1.0 255.255.255.0 any
  access-list dmz-access remark Permit all traffic to DC1
  access-list dmz-access extended permit ip 128.162.1.0 255.255.255.0 host 192.168.1.2
  access-list dmz-access remark Permit only DNS traffic to DNS server
  access-list dmz-access extended permit udp 128.162.1.0 255.255.255.0 host 192.168.1.2 eq domain
  access-list dmz-access remark Permit ICMP to all devices in DC
  access-list dmz-access extended permit icmp 128.162.1.0 255.255.255.0 192.168.1.0 255.255.255.0
  access-list dmz-access remark Permit all traffic to DC1
  access-list dmz-access remark Permit only DNS traffic to DNS server
  access-list dmz-access remark Permit ICMP to all devices in DC
  pager lines 24
  logging enable
  logging asdm informational
  mtu Inside 1500
  mtu Outside 1500
  mtu DMZ 1500
  mtu VOIP 1500
  mtu management 1500
  icmp unreachable rate-limit 1 burst-size 1
  icmp deny any Outside
  asdm image disk0:/asdm-715.bin
  no asdm history enable
  arp timeout 14400
  no arp permit-nonconnected
  object network ROUTER-2811
   nat (Inside,Outside) static interface service tcp ssh x
  object network ROUTER-2821
   nat (DMZ,Outside) static interface service tcp ssh x
  object network WEBCAM-01
   nat (Inside,Outside) static interface service tcp www x
  object network ROUTER-3745
   nat (VOIP,Outside) static interface service tcp ssh x
  object network RDP-DC1
   nat (Inside,Outside) static interface service tcp xxxx xxxx
  object network BLUE
   nat (Inside,Outside) static interface service tcp xxxx xxxx
  nat (any,Outside) after-auto source dynamic any interface
  access-group Outside_access_in in interface Outside
  route Outside 0.0.0.0 0.0.0.0 68.233.151.1 1
  route DMZ 128.162.1.0 255.255.255.0 10.10.0.2 1
  route DMZ 128.162.10.0 255.255.255.0 10.10.0.2 1
  route DMZ 128.162.20.0 255.255.255.0 10.10.0.2 1
  route VOIP 142.16.1.0 255.255.255.0 10.10.2.2 1
  route VOIP 142.16.10.0 255.255.255.0 10.10.2.2 1
  route VOIP 142.16.20.0 255.255.255.0 10.10.2.2 1
  route Inside 172.16.10.0 255.255.255.0 10.10.1.2 1
  route Inside 172.16.20.0 255.255.255.0 10.10.1.2 1
  route Inside 192.168.1.0 255.255.255.0 10.10.1.2 1
  route Inside 192.168.10.0 255.255.255.0 10.10.1.2 1
  route Inside 192.168.20.0 255.255.255.0 10.10.1.2 1
  timeout xlate 3:00:00
  timeout pat-xlate 0:00:30
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  aaa-server PNL-RADIUS protocol radius
  aaa-server PNL-RADIUS (Inside) host 192.168.1.2
   key *****
   radius-common-pw *****
  user-identity default-domain LOCAL
  aaa authentication ssh console LOCAL
  http server enable
  http 0.0.0.0 0.0.0.0 Inside
  http 98.22.xxx 255.255.255.255 Outside
  snmp-server host Inside 192.168.1.2 community ***** version 2c udp-port 161
  snmp-server location Lovington NM USA
  snmp-server contact Mitchell Tuckness
  snmp-server community *****
  snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
  crypto ipsec security-association pmtu-aging infinite
  crypto ca trustpool policy
  telnet timeout 5
  ssh 0.0.0.0 0.0.0.0 Inside
  ssh 98.22.xxx 255.255.255.255 Outside
  ssh timeout 60
  ssh version 2
  ssh key-exchange group dh-group1-sha1
  console timeout 0
  threat-detection basic-threat
  threat-detection statistics
  threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
  ntp server 24.56.178.140 source Outside prefer
  username xxxx password x encrypted privilege 15
  class-map inspection_default
   match default-inspection-traffic
  policy-map type inspect dns migrated_dns_map_1
   parameters
    message-length maximum client auto
    message-length maximum 512
  policy-map global_policy
   class inspection_default
    inspect dns migrated_dns_map_1
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect ip-options
    inspect icmp
    inspect icmp error
    inspect pptp
   class class-default
    user-statistics accounting
  service-policy global_policy global
  prompt hostname context
  no call-home reporting anonymous
  call-home
   profile CiscoTAC-1
    no active
    destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
    destination address email [email protected]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly
    subscribe-to-alert-group configuration periodic monthly
    subscribe-to-alert-group telemetry periodic daily
  password encryption aes
  hpm topN enable
  Cryptochecksum:949189d67866f6c09450769d41649992
  : end
  C2811#sh run
  Building configuration...
  Current configuration : 3925 bytes
  version 15.1
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  hostname C2811
  boot-start-marker
  boot system flash
  boot-end-marker
  enable secret 4 DWJfYBf6KhkIRmhhIhx8ibAAXVGQWjwfuyzfaX4Im8M
  aaa new-model
  aaa session-id common
  dot11 syslog
  no ip source-route
  ip cef
  no ip dhcp use vrf connected
  ip domain name maladomini.int
  ip name-server 192.168.1.2
  ip name-server 8.8.8.8
  ip name-server 68.233.xxx.x
  ip name-server 68.233.xxx.x
  no vlan accounting input
  multilink bundle-name authenticated
  password encryption aes
  crypto pki token default removal timeout 0
  crypto pki trustpoint TP-self-signed-1290569776
   enrollment selfsigned
   subject-name cn=IOS-Self-Signed-Certificate-1290569776
   revocation-check none
   rsakeypair TP-self-signed-1290569776
  crypto pki certificate chain TP-self-signed-1290569776
   certificate self-signed 01
    3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 31323930 35363937 3736301E 170D3134 30313035 30363130
    33395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 32393035
    36393737 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
    8100B18F F63C5121 00785DE0 854601BA EE77DAA3 21286D8C 6E700C37 237CC1BE
    611023AF FBE04BBE 7B4B3233 E4E129DD A74604E5 62AA39BF 77F98D5D D63944E9
    2345AE37 D93C5753 E425E85A EB22C2C9 CFC5D1A0 F800449B 0419A5C8 A0A101EC
    02928172 7B30A609 71ADA3D4 68F4F484 AF2B3249 0E225DB2 C72C136A E670D761
    DDE30203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
    551D2304 18301680 1461F6DE 8EF50F7B 0E46359F 421EA106 9375F65F 30301D06
    03551D0E 04160414 61F6DE8E F50F7B0E 46359F42 1EA10693 75F65F30 300D0609
    2A864886 F70D0101 05050003 81810049 BA55F695 8525265F ED2D77EE 8706BF10
    63A7E644 202F6663 9EA5551F 47F7FC50 D4021EDD E3DC5A80 39FD161A C337D20D
    71B98875 0F1FE887 649E81D3 F93F7A1B A1E18B99 A77B1A59 84DB4711 867913FD
    044084FB 651ECA6E C6EDF35C E43A2946 8C01781E 26DB9484 C8740A82 4A7CA266
    A0655526 CBCB4982 F30D68E9 D70753
          quit
  license udi pid CISCO2811 sn FTX1041A07T
  username admin secret 5 $1$iBeC$8dqYMcpTex8gtUfannzox.
  username xxxx privilege 15 secret 4 DWJfYBf6KhkIRmhhIhx8ibAAXVGQWjwfuyzfaX4Im8M
  redundancy
  ip ssh time-out 60
  ip ssh authentication-retries 5
  ip ssh version 2
  interface FastEthernet0/0
   description CONNECTION TO INSIDE INT. OF ASA
   ip address 10.10.1.2 255.255.255.252
   ip virtual-reassembly in
   duplex auto
   speed auto
  interface FastEthernet0/1
   no ip address
   ip virtual-reassembly in
   duplex auto
   speed auto
  interface FastEthernet0/1.1
   description VLAN 10
   encapsulation dot1Q 10
   ip address 192.168.10.1 255.255.255.0
   ip helper-address 192.168.1.2
   ip virtual-reassembly in
  interface FastEthernet0/1.2
   description VLAN 20
   encapsulation dot1Q 20
   ip address 192.168.20.1 255.255.255.0
   ip helper-address 192.168.1.2
   ip virtual-reassembly in
  interface FastEthernet0/1.3
   description Trunk Interface VLAN 1
   encapsulation dot1Q 1 native
   ip address 192.168.1.1 255.255.255.0
   ip helper-address 192.168.1.2
   ip virtual-reassembly in
  interface Dialer0
   no ip address
  ip default-gateway 10.10.1.1
  ip forward-protocol nd
  no ip http server
  ip http authentication local
  ip http secure-server
  ip dns server
  ip route 0.0.0.0 0.0.0.0 10.10.1.1
  ip ospf name-lookup
  access-list 1 permit any
  dialer-list 1 protocol ip permit
  snmp-server community Maladomini-RW RW
  tftp-server system:running-config 1
  control-plane
  line con 0
   exec-timeout 0 0
   password 7 101D58415D361606050A147A
  line aux 0
  line vty 0 4
   exec-timeout 0 0
   password 7 0527031B2C49470758
   transport input ssh
  scheduler allocate 20000 1000
  end
  2821:
  C2821#sh run
  Building configuration...
  Current configuration : 4128 bytes
  version 15.1
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  hostname C2821
  boot-start-marker
  boot system flash
  boot-end-marker
  enable secret 4 x
  aaa new-model
  aaa session-id common
  dot11 syslog
  no ip source-route
  ip cef
  no ip dhcp use vrf connected
  ip domain name maladomini.int
  ip name-server 192.168.1.2
  ip name-server 8.8.8.8
  ip name-server 68.233.xxx.x
  ip name-server 68.233.xxx.x
  no vlan accounting input
  multilink bundle-name authenticated
  password encryption aes
  crypto pki token default removal timeout 0
  crypto pki trustpoint TP-self-signed-3335929422
   enrollment selfsigned
   subject-name cn=IOS-Self-Signed-Certificate-3335929422
   revocation-check none
   rsakeypair TP-self-signed-3335929422
  crypto pki certificate chain TP-self-signed-3335929422
   certificate self-signed 01
    3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 33333335 39323934 3232301E 170D3134 30313135 30333537
    32385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 33333539
    32393432 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
    8100AF6D 8C23745E 80AA83AC BE0243DD C8F8EC56 85BBE495 EF790354 B7E81921
    4C46CE35 F840420A 8385D3E3 B7B14EDF F4A8DB51 1A29E0ED A2704F69 9632ED7E
    5F66E546 486B2821 FB77266F 950D351E 13AA18FE 687643F6 FB9BF95F E56A0195
    19B8A7B6 7A582357 2517F08E 5E3BA197 2CD71E3E 32AB4B96 412E9AE3 1932A218
    7A1F0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
    551D2304 18301680 14A86115 C2CA9E15 399B2A9C 21585323 1E2F3D98 45301D06
    03551D0E 04160414 A86115C2 CA9E1539 9B2A9C21 5853231E 2F3D9845 300D0609
    2A864886 F70D0101 05050003 81810028 81D8F701 D6AFDC54 94A93185 1E5F4DAC
    4DBF50B7 30B57ABD D1612E69 D964B77A A379F55C 7E823F42 4D01440C B237DED9
    6B8047B7 0496D8BB BD7EAC18 E6ACA1B1 3B527172 4A7B0D7B 4A031168 F99B171D
    D217CB06 2F31E4DF FD9AC1C9 1199869A 34E90671 5611A6DA 7CC6A7B0 A39F78FB
    B3932E37 4B302779 E761DB00 AFA7CC
          quit
  license udi pid CISCO2821 sn FTX1327AH7A
  username x privilege 15 secret 4 x
  redundancy
  ip ssh time-out 60
  ip ssh authentication-retries 5
  ip ssh version 2
  interface GigabitEthernet0/0
   description CONNECTION TO INSIDE INT. OF ASA
   ip address 10.10.0.2 255.255.255.252
   ip virtual-reassembly in
   duplex auto
   speed auto
  interface GigabitEthernet0/1
   no ip address
   ip virtual-reassembly in
   duplex auto
   speed auto
  interface GigabitEthernet0/1.1
   description VLAN 10
   encapsulation dot1Q 10
   ip address 128.162.10.1 255.255.255.0
   ip helper-address 192.168.1.2
   ip virtual-reassembly in
  interface GigabitEthernet0/1.2
   description VLAN 20
   encapsulation dot1Q 20
   ip address 128.162.20.1 255.255.255.0
   ip helper-address 192.168.1.2
   ip virtual-reassembly in
  interface GigabitEthernet0/1.3
   description Trunk Interface VLAN1
   encapsulation dot1Q 1 native
   ip address 128.162.1.1 255.255.255.0
   ip helper-address 192.168.1.2
   ip virtual-reassembly in
  interface Serial0/0/0
   no ip address
   shutdown
  interface Serial0/1/0
   no ip address
   shutdown
  interface Serial0/2/0
   no ip address
   shutdown
  interface Dialer0
   no ip address
  ip default-gateway 10.10.0.1
  ip forward-protocol nd
  no ip http server
  ip http authentication local
  ip http secure-server
  ip dns server
  ip route 0.0.0.0 0.0.0.0 10.10.0.1
  ip ospf name-lookup
  access-list 1 permit any
  dialer-list 1 protocol ip permit
  snmp-server community Maladomini-RW RW
  snmp-server host 192.168.1.2 version 2c Maladomini-RW  envmon cpu snmp
  control-plane
  line con 0
   exec-timeout 0 0
   password 7 101D58415D361606050A147A
  line aux 0
  line vty 0 4
   exec-timeout 0 0
   password 7 15415A545C0B2F29213D0B73
   transport input ssh
  scheduler allocate 20000 1000
  end
  POE Switch:
  C3560#sh run
  Building configuration...
  Current configuration : 7368 bytes
  version 12.2
  no service pad
  service timestamps debug uptime
  service timestamps log uptime
  service password-encryption
  hostname C3560
  boot-start-marker
  boot-end-marker
  enable secret 5 $1$wzS5$Kl0aHmGjOrfNL8H8QN9gJ1
  enable password 7 091F1F514124131F02023A7B
  username mtuckness privilege 15 secret 5 $1$j68Z$ObA6K7Qc2Vsmyu479Hlh6/
  aaa new-model
  aaa session-id common
  clock timezone MST -7
  system mtu routing 1500
  ip domain-name maladomini.int
  password encryption aes
  crypto pki trustpoint TP-self-signed-2488747392
   enrollment selfsigned
   subject-name cn=IOS-Self-Signed-Certificate-2488747392
   revocation-check none
   rsakeypair TP-self-signed-2488747392
  crypto pki certificate chain TP-self-signed-2488747392
   certificate self-signed 01
    3082024C 308201B5 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 32343838 37343733 3932301E 170D3933 30333031 30303031
    30385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 34383837
    34373339 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
    8100B715 1CCA0EFB 6D550F27 A4B9F403 7D1CBCCE AB363F89 61AF4773 64351010
    AB866AA6 411463BC A7D9C6E3 0CA4EEEC 47C50D33 2F904AD1 8FC5B10B 8F204157
    FB5B3A4C 78BD4BDF 14F79CCC D9A0E10B 909BF5BA 095BB9AC 722197D4 3C2CB70B
    15D2A221 5FF8BC03 6A642B36 437B9E22 858BF597 F1844026 5DAF2114 EF75718D
    EC3B0203 010001A3 74307230 0F060355 1D130101 FF040530 030101FF 301F0603
    551D1104 18301682 14433335 36302E6D 616C6164 6F6D696E 692E696E 74301F06
    03551D23 04183016 8014D364 9162E0D2 C7936513 1E1C677C 73D675EC 37FF301D
    0603551D 0E041604 14D36491 62E0D2C7 9365131E 1C677C73 D675EC37 FF300D06
    092A8648 86F70D01 01040500 03818100 2DE49969 2E9C7A81 E96B97A8 7E15BC69
    2DA62233 C958092D 2E51DD59 526DA795 CBFE219E 3536852A 5F71A90A BF5016E0
    F93FA6F7 55D9BA23 52A2858E B927E0FB B3DC6B20 28FBD64C 6FA956EC 3E6E8756
    F12F7182 538D13AE E343674E 41A1BDE1 A42579F2 8070FC92 5C805995 7BA25FA5
    3A89C4E5 C6B2D76F FF2C1CF9 6A8DF631
    quit
  spanning-tree mode pvst
  spanning-tree portfast bpduguard default
  no spanning-tree optimize bpdu transmission
  spanning-tree extend system-id
  vlan internal allocation policy ascending
  ip ssh time-out 60
  ip ssh authentication-retries 5
  ip ssh version 2
  interface FastEthernet0/1
   switchport mode access
   spanning-tree portfast
  interface FastEthernet0/2
   switchport mode access
   spanning-tree portfast
  Removed interfaces
  interface GigabitEthernet0/1
   description CONNECTION TO 2821 ROUTER - TRUNK
   switchport trunk encapsulation dot1q
   switchport trunk allowed vlan 1,10,20
   switchport mode trunk
  interface GigabitEthernet0/2
  interface GigabitEthernet0/3
  interface GigabitEthernet0/4
  interface Vlan1
   ip address 128.162.1.3 255.255.255.0
   ip helper-address 192.168.1.2
   no ip route-cache
   no ip mroute-cache
  interface Vlan10
   ip address 128.162.10.3 255.255.255.0
   ip helper-address 192.168.1.2
  interface Vlan20
   ip address 128.192.20.3 255.255.255.0
   ip helper-address 192.168.1.2
  ip default-gateway 10.10.0.2
  no ip classless
  ip http server
  ip http authentication local
  ip http secure-server
  access-list 1 permit any
  snmp-server community Maladomini-RW RO
  snmp-server location Lovington NM USA
  line con 0
   exec-timeout 0 0
   password 7 075C701416281D081E1C355D
  line vty 0 4
   password 7 0527031B2C49470758
   transport input ssh
  line vty 5 15
   exec-timeout 0 0
   password 7 05585757796D4A04100B2943
  end

  I located the issue of the packet loss. I have a security system that uploads FTP images of the cameras and after the reboot of the network, the only computer that wasn't shut down was the security camera PC.
  So I think what happened was after I brought everything back up, it was saturating the outgoing bandwidth, causing packet loss and high latency. Once I determined what it was and shut off the FTP image upload, the pings stabilized and it is working fine now. Trace routes are still not functioning, but I can live without that for now.

• 50% Packet Loss on VoIP/Video calls

  HI,
  When making VoIP or video calls I'm getting up to 50% packet loss. I'm struggling to find out what is causing the problem. When I make a video call I have, at the same time, run speedtest.net and it is still providing adequate bandwidth so I know that is not the cause. The packet loss seems to come and go so it will be fine for a few seconds and then goes up to 50% for a few seconds and then keeps cycling.
  -Dave

  Ash wrote:
  It's dropping pings, you can see that clearly from the above. It's intermittent. Whilst a drop in pings isn't the definitive sign of packetloss, the way in which it's doing it is.
  If it was going to drop it through flooding it simply wouldn't respond at all after the first few. It it was configured to not respond, it simply wouldn't.
  Pings to any external source - (not to the device itself) are also failing intermittently. This indicates that a device along the traffic path is having issues.
  I can screenshot a nice disconnection plug in games, but there's no real need.
  The evidence is there if you know how to interpret it. This needs to be investigated.
  A question for you then!
  What happens when your router gets repeated pings from the same source?
  Does it not block them as a possible DDOS attack?
  The more gamers try this tactic the worse their traces will get & it will more than likely also affect other gamers interested in low latency through these same nodes!
  Check the timings between the true source & destination by all means but please do not
  unnecessarily stress individual points on the main ISP network backbones!
  "I have this awful feeling someone is watching every move I make (one of my pet hates is router location tagging)." Marvin (A paranoid Android)