Announcement

Collapse
No announcement yet.

Cisco 877 and 887 frequently drop LAN for 8 seconds

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco 877 and 887 frequently drop LAN for 8 seconds

    Hello all


    I have a strange but really annoying problem with my C877. I have swapped it with another 877 and the problem persists, and I've also tried an 887VA with a comparable config and the same problem happens there too.

    5 or 6 times each day the LAN drops. This means I lose VPN connections on any of the computers on the LAN, web pages time out, etc. It happens every day.

    I have swapped routers, swapped switches, tried various 12.4 versions and various 15.x versions, on 877 and 887VA routers.

    If I have a continuous ping (ping -t x.x.x.x) from a PC on the LAN to google's DNS servers (8.8.8. I see this:



    Reply from 8.8.8.8: bytes=32 time=33ms TTL=47
    Reply from 8.8.8.8: bytes=32 time=33ms TTL=47
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.
    Reply from 8.8.8.8: bytes=32 time=34ms TTL=47
    Reply from 8.8.8.8: bytes=32 time=33ms TTL=47
    Reply from 8.8.8.8: bytes=32 time=33ms TTL=47
    Reply from 8.8.8.8: bytes=32 time=33ms TTL=47

    I get this whichever PC I do the ping from. I've also changed network switches so I know it's not the switch (continuous pings to other devices on the LAN always work correctly with no interruption).


    When the problem happens, pings to the router (192.168.1.1) also fail:



    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.
    Reply from 192.168.1.1: bytes=32 time=2ms TTL=255
    Reply from 192.168.1.1: bytes=32 time=1ms TTL=255

    But strangely, the internet connection is NOT dropping. I can prove that in two ways. Firstly, a continuous ping from a remote site back to this router across the WAN never drops:


    Reply from 11.22.33.444: bytes=32 time=44ms TTL=251
    Reply from 11.22.33.444: bytes=32 time=62ms TTL=251
    Reply from 11.22.33.444: bytes=32 time=43ms TTL=251
    Reply from 11.22.33.444: bytes=32 time=45ms TTL=251
    Reply from 11.22.33.444: bytes=32 time=157ms TTL=251
    Reply from 11.22.33.444: bytes=32 time=43ms TTL=251
    Reply from 11.22.33.444: bytes=32 time=43ms TTL=251


    Also, sh caller shows that the WAN didn't drop:



    Cisco877#sh caller
    Active Idle
    Line User Service Time Time
    vty 2 root VTY 00:09:46 00:00:00
    Vi3 <unknown phone number> \
    PPPoATM 5d17h 00:00:08
    Cisco877#




    I'm at a complete loss. Can anyone help please? Either to sggest the cause or to suggest appropriate diagnostics steps.

    My config is attached


    Many thanks



    Jim
    Attached Files

  • #2
    Re: Cisco 877 and 887 frequently drop LAN for 8 seconds

    Since you're unable to ping the router's LAN address when this happens (while the external IP remains reachable), it's pretty obvious that the problem is on the LAN side.

    When you're unable to ping the router, do you still get an ARP response? Try arp -d 192.168.1.1 followed by ping 192.168.1.1 and arp -a in quick succession.

    What do the statistics look like on the ethernet port on the router that's connected to the switch? Post the output from show interface fastethernet0/0 (or whichever port you're using) before and after one of these dropouts.

    What is the make and model of your switch? Is it running Spanning Tree?
    Last edited by Ser Olmy; 4th December 2014, 22:55.

    Comment


    • #3
      Re: Cisco 877 and 887 frequently drop LAN for 8 seconds

      Thanks Ser, I'll check arp next time it drops.

      The switch is unmanaged, a 24-port tp-link gigabit. But we have had exactly the issue when we had a different switch, which we tried in both managed and unmanaged modes.

      Comment


      • #4
        Re: Cisco 877 and 887 frequently drop LAN for 8 seconds

        Still no joy, and I've added speed settings to the ports:

        interface FastEthernet0
        duplex full
        speed 100
        !
        interface FastEthernet1
        duplex full
        speed 100
        !
        interface FastEthernet2
        duplex full
        speed 100
        !
        interface FastEthernet3
        duplex full
        speed 100

        I'm now connected to a different port on the Cisco nad I've had a load of continuous pings running. When the problem occurs, pings to the router fail (and my PC-based connections drop) but pings to other devices on the LAN all succeed, as do pings from a remote site to the WAN IP. So it's definitely something on the LAN side of the router.


        Output from show int hasn't yielded anything sensible; this is immediately after the last drop:


        Cisco877#sh interfaces fastEthernet 3
        FastEthernet3 is up, line protocol is up
        Hardware is Fast Ethernet, address is 0021.a0e9.55bb (bia 0021.a0e9.55bb)
        MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
        reliability 255/255, txload 1/255, rxload 1/255
        Encapsulation ARPA, loopback not set
        Keepalive set (10 sec)
        Full-duplex, 100Mb/s
        ARP type: ARPA, ARP Timeout 04:00:00
        Last input never, output never, output hang never
        Last clearing of "show interface" counters never
        Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 41
        Queueing strategy: fifo
        Output queue: 0/40 (size/max)
        5 minute input rate 11000 bits/sec, 8 packets/sec
        5 minute output rate 62000 bits/sec, 8 packets/sec
        1416680 packets input, 210523575 bytes, 0 no buffer
        Received 29959 broadcasts, 0 runts, 0 giants, 0 throttles
        1 input errors, 1 CRC, 0 frame, 0 overrun, 0 ignored
        0 input packets with dribble condition detected
        1750791 packets output, 852592345 bytes, 0 underruns
        0 output errors, 0 collisions, 2 interface resets
        0 unknown protocol drops
        0 babbles, 0 late collision, 0 deferred
        0 lost carrier, 0 no carrier
        0 output buffer failures, 0 output buffers swapped out









        Please help, I'm going nuts with this as it's causing a lot of embarrasment when Skype/Lync calls drop mid-call I'm going to have to replace it with a Netgear at this rate.


        Many thanks

        Jim

        Comment


        • #5
          Re: Cisco 877 and 887 frequently drop LAN for 8 seconds

          do you have any firewalling or ACLs on the router ? (I couldn't really see the config, sorry, it had no line breaks)
          have you replaced the network cable between switch and router ?
          any debugs running ?
          any pattern on when it happens ?
          Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

          Comment


          • #6
            Re: Cisco 877 and 887 frequently drop LAN for 8 seconds

            Originally posted by jimwillsher View Post
            Still no joy, and I've added speed settings to the ports:
            That's actually a really bad idea, since it deactivates the 802.3 and 802.3x auto-negotiation mechanisms. As a result, the switch will probably default to half duplex, so you'll get a duplex mismatch and the switch will detect tons of (imaginary) collisions.

            If you lock the speed and duplex settings, you must do so at both ends of the link.
            Originally posted by jimwillsher View Post
            Output from show int hasn't yielded anything sensible; this is immediately after the last drop:
            You're right; nothing there to suggest there's a problem at the lower layers. A defective interface or cable should have caused at least some of the error counters to be incremented.
            Originally posted by jimwillsher View Post
            Please help, I'm going nuts with this as it's causing a lot of embarrasment when Skype/Lync calls drop mid-call
            You've tried different switches and different routers, and there's nothing obviously wrong with the cable and nothing about the interface statistics to suggest interference of any kind. That leaves Spanning Tree and the higher layers (from 3 and upwards:
            • Spanning Tree does have the ability to deactivate ports if a loop is detected, and the default Listening/Learning interval of the original 802.1d protocol (15 + 15 seconds) sort of matches the number of missed ping packets. Your router has a small built-in switch, so running show spanning-tree in exec mode should tell you if there's another Spanning Tree-cabaple device on the network.
            • An IP conflict would also result in very similar symptoms, if another device on the network has been assigned the IP address of the router. Next time you lose the connection, make sure to run arp -a on one of the computers and check the MAC address of the gateway IP. Then run it again once things return to normal and compare the output.
            • The firewall ruleset on the router could also be causing problems, although I can't see anything obviously wrong with it. I guess you could try removing the access list from the VLAN interface (no ip access-group acl-INT-IN in), but as access lists are stateless, I really wouldn't expect it to make a difference.
            • You have four switch interfaces on the router, one of which is connected to another switch. Have you tried connecting a computer directly to one of the unused ports on the router? Might be interesting to see if that computer would retain its connection to the router and/or the internal network next the problem manifests itself.

            Unless this is a configuration issue with the Cisco router, replacing it with a router from another manufacturer may not make any difference at all, and if it doesn't, it might reflect badly on you.

            Comment


            • #7
              Re: Cisco 877 and 887 frequently drop LAN for 8 seconds

              Originally posted by tehcamel View Post
              do you have any firewalling or ACLs on the router ? (I couldn't really see the config, sorry, it had no line breaks)
              Oh, but there are plenty of line breaks. UNIX line breaks, that is, as is always the case with Cisco configurations retrieved directly from a router or a switch.

              Notepad expects MS-DOS CR/LF line breaks, but Wordpad (Write) will open such files just fine (and convert/mangle the line breaks if you save the file, but that's another matter).

              Comment


              • #8
                Re: Cisco 877 and 887 frequently drop LAN for 8 seconds

                I've done a confreg reload of everything and...so far....it seems to be working.....

                Many thanks


                Jim

                Comment


                • #9
                  Re: Cisco 877 and 887 frequently drop LAN for 8 seconds

                  Originally posted by Ser Olmy View Post
                  Oh, but there are plenty of line breaks. UNIX line breaks, that is, as is always the case with Cisco configurations retrieved directly from a router or a switch.

                  Notepad expects MS-DOS CR/LF line breaks, but Wordpad (Write) will open such files just fine (and convert/mangle the line breaks if you save the file, but that's another matter).
                  yea yea, i know. i could probably have opened it on a linux machine instead, i jus have heaps going on
                  Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                  Comment

                  Working...
                  X