Re: Intermittent intra-LAN connectivity

From: Ed Horley (list-ed_at_13systems.com)
Date: 05/25/04 

Date: Tue, 25 May 2004 13:00:58 -0700

What version code are you running on the PIX? Also, on the managed switch
turn on local logging functions, if it is a cisco switch use:
logging buf 4096 debug

Then do: show log

Since you are physically 15 floors away (20' per floor x 15 floors = 300ft
or so) you might want to see if you are getting late collisions on the
interface that has the long cable.

Also, double check that all the subnets are correct for all the interfaces.
If there was a change in the DHCP scope and the wrong subnet is in there at
could cause you some problems since all the broadcast addresses on the
workstations would be different then the network gear.

I would also plug a laptop (with a sniffer) directly on the end of the long
cable and see if you can see all the traffic you expect to see on the
network. I would give the laptop an ip address and see if you can ping the
FW and server and have the sniffer capture the results.

Regards,
Ed

"Dan Horne" <danDOESNOTLIKESPAM@taisweb.net> wrote in message
news:11fe601c44255$5f642af0$a001280a@phx.gbl...
> Sorry for the long post, but I want to make sure I cover
> everything:
>
> 2 weeks ago, a client began experiencing difficulties
> with their local network. Pinging around inside to the
> other desktops and their server produces strange
> results. The first ping is almost always returned
> immediately, followed by 3 timeouts. If you immediately
> ping again, you get 100% loss. If you wait a few minutes
> and try again, again you will get 1 followed by none.
> This occurs for all computers EXCEPT MAIN SERVER and
> except the gateway. There is a file server that also
> experiences this problem. The clients cannot get files
> off of the server due to connections dropping.
>
> SETUP:
> There are 2 servers (1 W2K3SBE, 1W2K), 5 XP Pro stations,
> 2 Mac desktops and 2 Mac PBooks all running OS X. The
> W2K3 server and the gateway are in our server room, and
> the rest is 15 floors down in their office, connected by
> a single Cat5e cable (they never have a problem
> contacting the server or the gateway, though). The
> clients had a mixture of switches and hubs in their
> office. The gateway is a Cisco PIX 515, and the clients
> are connected to a dedicated interface on that firewall
> and are port-address-translated to a dedicated public
> address.
>
> I HAVE TRIED:
> 1. Replaced all hubs with switches. No change.
> 2. Temporarily replaced all switches with hubs and ran a
> packet sniffer. I saw NO unusual traffic, and not a
> whole lot of it (about what would be expected from such a
> small network).
> 3. Tested the long line for attenuation. Signal is good.
> 4. Only one of the switches is a "smart switch" (the one
> connected to the server and gateway and the long cable),
> but I am seeing no collisions or errors on any port on
> that switch.
> 5. Turned off computers one-at-a-time (including servers)
> to see if any single computer was the source. No change.
> 6. Disconnected switches one-at-a-time to see if any LAN
> segment was responsible. No change on any segment.
> 7. Plugged into different interface on the firewall. No
> change.
>
> OBSERVATIONS:
> 1. The problem began when the firewall began refusing all
> connections for all interfaces and was rebooted. The
> problem does not show up on any other network connected
> to the firewall.
> 2. The clients have a good, fast internet connection
> through the firewall with no packet loss.
> 3. The Mac's seem to be "offline" more than the Windows
> stations, but all of the comps are up-and-down.
>

Relevant Pages

  • Re: Live so close !!!
    ... For example, a system would be web server software, ... augmented from backend systems - stock prices, interest rates, special offers etc - either via a feed or a content management system running on the Controller. ... a firewall and consider it secure. ... switch looking for patterns. ...
    (uk.games.video.xbox)
  • Re: SQL clients dropping connections on WAN
    ... I can transfer files over the connections, ... Server, even see the SQL 2000 server. ... The only change made when we did the DSL switch ... The forth server is actually on it's own subnet in the DMZ of the firewall ...
    (microsoft.public.sqlserver.clients)
  • Vista Protocol and Program Networking Issues
    ... connections aren't even getting to the servers I'm trying to connect. ... "failed to connect to the port 22 on SERVER" ... firewall both turned off, and turned on. ... also have worked in and outside the network, ...
    (microsoft.public.windows.vista.networking_sharing)
  • Re: Connection Sharing on demand
    ... user has to authenticate for each time they want an Internet service, ... That can be done as a firewall application with lots ... you'd have the user connect to a server ... mentioned blocking inbound connections - that's trivial to do with the ...
    (comp.os.linux.networking)
  • Re: smtp and iptables
    ... Still - even with that rule in the OUTPUT chain permitting outgoing ... smtp connections I can't send e-mails. ... permit returning icmp packages I can even ping the target mail server. ... But the smtp connection times out and my guess is that my firewall ...
    (comp.os.linux.networking)