Home page logo
/

nanog logo nanog mailing list archives

Re: Max TNT ping thing
From: Matthew Crocker <matthew () crocker com>
Date: Wed, 27 Aug 2003 13:46:15 -0400



On Wednesday, August 27, 2003, at 12:46 PM, Ejay Hire wrote:


Here is a summary of our experiences with the bug.

Last Thursday, A TNTs with years of uptime rebooted.  No cause was
apparent, and nothing relevant happened in the logs.  On Friday, It
happened to a different TNT.  This occurred with increasing frequency
over the weekend, and we didn't get a lot of sleep.  We tried using a
filter in the tnt to block port 135 and 4444 to no avail, and then tried
a filter to block ICMP in the tnt also to no avail.  Next, we removed
the tnt filters and tried rate-limiting ICMP to the TNT's.  That didn't
work.  Next we removed the rate-limit and applied the Cisco-supplied
anti-nachi route-map to the upstream interfaces facing the Tnt's.  This
significantly reduced the problem, but we were still rebooting every 12
hours or so.  Disabling route-caching on the TNT stopped the rebooting
problem, but we were seeing 40% packet loss on one of the TNTs.  (Note,
both TNT's have a Ds-3 of PRI's, and use the TNT-SL-E10-100 four port
Ethernet cards)  The packet loss was only affecting one TNT, and we
discovered that it was running 9.0.6 while the unaffected box was
running 9.0.9.  Upgrading the box to 9.0.9 fixed the packet loss issue.
We are currently up and haven't had any blips in 24 hours.  (knock on
wood.)


We have a Lucent APX 8000 which is essentially a TNT on steroids. We have not experienced any of the issues. We are running TAOS 10.0.2


-Matt


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]