I have a weird problem. We have a remote site which is connected via the VPN to our headoffice. They reported to our office saying they have a network issue. First I did a continous ping from pc to def gateway. It was working fine. But when I did a ping to 22.214.171.124, we can notice fluctuations as below. So I reported to the service provider. They did some testing and told us that they are able to do a continous ping to the outside public IP address of our remote site f/w. Even I was getting continous ping to the f/w. But when I ping to the inside(Subnet) of our remote site, I am loosing the packets and the output is like below.
Reply from 10.2.1.10: bytes=32 time=162ms TTL=127 Reply from 10.2.1.10: bytes=32 time=163ms TTL=127 Request timed out. Reply from 10.2.1.10: bytes=32 time=192ms TTL=127 Reply from 10.2.1.10: bytes=32 time=160ms TTL=127 Reply from 10.2.1.10: bytes=32 time=161ms TTL=127 Request timed out. Reply from 10.2.1.10: bytes=32 time=179ms TTL=127 Reply from 10.2.1.10: bytes=32 time=203ms TTL=127 Request timed out. Reply from 10.2.1.10: bytes=32 time=246ms TTL=127 Request timed out. Request timed out. Request timed out. Request timed out. Reply from 10.2.1.10: bytes=32 time=163ms TTL=127 Reply from 10.2.1.10: bytes=32 time=261ms TTL=127 Request timed out. Request timed out. Request timed out.
I could not login to the router as the connection is inconsistent and no access to f/w either(not in my scope itseems). I am new to this job, please help me how to sort this issue. Thought of installing a Teamviewr and remote into their pc and login to the router. But again no internet to that PC as the internet connection is not consistent from their side. So got struck up here. Any advice is much appreciated.
Did you say if you ping the Default Gateway from an internal PC, you get a continuous ping ? Is the default gateway is inside interface of the Firewall or do you have another router sitting behind the firewall ?
Make sure you dont have any Switching issues like loops. Or this could cause by someone from internal LAN spewing traffic (triggered by malware..) out and hogging your egress bandwidth.. If you can log in to the firewall check the input/output traffic rates and make sure this is not the case ( if you can log in to the FW that is.. :)). Or you can get someone from the LAN side to log in to your switches and check ports for any high traffic volumes.. you can trace cables and find the culprit if that's the case.
In some cases users send batch emails out with big attachements.. although this shouldn't last for days...
Thank you for your immediate response. As adviced, I have requested for i/o traffic rates from f/w team. They said, they do not have any f/w installed on that site(Probably could be a router acting as f/w). I tried using putty, but the connection is not establishing. Believe due to ACL.
Did you say if you ping the Default Gateway from an internal PC?
Yes. I called the user and asked him to do a ping request from his PC to the def. gateway. He gets a continous ping. But when he try to ping 126.96.36.199, and our DNS they are loosing packets.
Is the default gateway is inside interface of the Firewall or do you have another router sitting behind the firewall ?
I believe the def gateway is one of the router interface which is connected to internet.
I think it would be helpful to see a topology diagram so we can see how this fits together. Based on the ping response times and drops I would suspect that there is a bottleneck somewhere, probably the WAN link. Is it possible to get a "show tech" from the router?
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Try increasing you ping's timeout value (say 10 seconds), and see if you still are getting timeouts are whether you gettting very high and variable response times.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...