IP inspect has been running on a clients router for around 1-1/2 years. Around 2 months ago, they started having what they throught were DNS problems. I eventually got involved, and tracked it down to their 2611 Internet router. As soon as I turn off IP inspect, everything works as normal. The interesting problem is that this appears to only affect DNS responses, as I can still telnet, ftp, web browse, etc., if I know the IP address.
The router was initially running 12.0(7), and since then I've tried 12.1(?)GD, and 12.2(13b). They all do exactly the same thing. The router config was not changed, as I have the original config - I configured the router and date when I save them. Additionally, I pulled the old router out and put in another 2600, and they have had no problems.
It appears that DNS responses are dropped when a threshold is reached for the number of inspection sessions. UDP timeouts are set for 15 seconds, tcp and other protocol timeouts are set for 3600. The router has 16 MB flash and 48 MB DRAM, and when this is happening there is 23 MB or so DRAM left. I initially thought it might be memory related; however, I feel that something in additional to DNS responses would be impacted if that was the case.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...