We have the network designed and running as below.
Dual core 6500 as distribution switch
Fwsm as front end firewall
MPLS WAN router
MPLS WAN router
LAN 3560 switch connecting local PCs and servers
When we ping the server in DR site from Main site , we are getting 4 ping Request Timeout for every 30 minutes.
The packet flows is as below
Main sitePC-Core switch-FWSM-MPLS Router-ISP WAN cloud-DR MPLS router-DR switch-server.
I want to troubleshoot that where in the transsit path 4 icmp packet drops.In order to resolve this issue, i setup my home lab with some of L3 3550 switch and 3700 router. I want to apply debug ip packet details cmd on 3550 switch and 3700 router then monitor the packet flow between 2 pcs connected end to end. When I run the debug ip packet cmd on switch and router I can not see any console message for the packet flow transiting the device but if I ping switch or router interface then I could see the console message with d=x.x.x.x as local switch/router interface IP but not the transit traffic.
Also could you give the ASA or FWSM packet tracer feature to troubleshooting the packet flow thro the FWSM .
Re: Ping request timedout between Main and DR site
When I run the debug ip packet cmd on switch and router I can not see
any console message for the packet flow transiting the device but if I
ping switch or router interface then I could see the console message
with d=x.x.x.x as local switch/router interface IP but not the transit
You need to disable ip route-cache and ip route-cache cef from the transit interfaces in order to see these packets on the debug.
Make sure to enable those features back once the debug is completed as the router will produce higher throughput with fast-switching and CEF turned on.
As for the ASA and FWSM query, please repost in the security section.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...