Home page logo

pen-test logo Penetration Testing mailing list archives

Re: When cat comes chasing...
From: WALI <hkhasgiwale () gmail com>
Date: Sat, 24 Mar 2007 19:19:42 +0400

Thanks Mathew and all others who replied.

I have set the two sides facing each other of my two routers connecting interbuilding, to 100MB/FD. They were set to Auto/FD but showing the link as communicating at 100 MBps, which is what my EoATM link speed is, as provided by ISP.

The other side of the router facing the inside of LAN in Building B, is configured to Auto and is connected to (now new) gigabit switches, also set to Auto.

Most of the stations within my LAN are now a combination of 100MB and Gigabit.

I am waiting for Monday..!! Will keep you guys updated.

The new switches have fast STP enabled. It wasn't before in the older ones.
But guys...when the problem comes..the users within Building B cannot ping each other without getting a delay of 300-400 msecs. The printers start taking ages to spool and finish print operations. Could this also be caused by intra-building routing issues?

At 03:08 PM 3/23/2007 -0700, Matthew Leeds wrote:
Manually configure the switch ports on the two sides of the routers and the router ports to 100Mb FD. Don't rely on auto, while it 'auto' work, it often doesn't. We've seen this problem time and again, mostly with Cisco gear, but also with others.

*********** REPLY SEPARATOR  ***********

On 3/24/2007 at 12:18 AM WALI wrote:

>We have 100 MBps EoATM link between two office buildings. Say A and B.
>Server and majority of users are in Building A while a few (about 150) are
>in Building B. Router on the Building B end is configured for QoS as there
>is also Voice traffic floating across.
>The connection between the two buildings has been recently upgraded to 100
>MBps from initial 10Mbps. The gigabit interfaces on the two sides of
>routers are set to Auto,Full Duplex.
>Once every 2-3 days, users from building B starts to complain about slow
>network connections to Servers lying in Building A. The usual ping from B
>to A that takes <1ms, increases to 30-40ms. Ethereal shows no Broadcast
>traffic. Building A users complain of no such problems either. 100 Mbps
>connectivity between the two buildings remains under utilised. I have set
>up an 'ntop' box in Building A with a mirror port to router interface on
>this side. The max traffic "network load' graph is 3-4MB at peak time.
>Crazy Solution: I take out any patch cable and re-inserts it, the problem
>gets resolved. I reset any switch, the problem gets resolved. I disconnect
>any uplink cable between the four switches or do a ARP reset thru command
>line, the problem gets resolved for couple of hours or even days.
>And something that I recently observed...I do nothing, the problem
>and ntop shows a sudden drop bringing network load suddenly down from the
>maximum of 3MB.
>But where could the problem lie?
>I have ran Nessus, did find quite a few windows unpatched machines in
>Building B that had lost their connection with WSUS, so did the patching.
>Made sure that all the machines are running latest anti-virus definitions.
>Sent a mail across to all users to get their laptops checked for latest
>updates (few have returned although).
>What else can I do next time the problem recurs. It's a mystery till now.
>The switch support provider has upgraded the IOS and says there is nothing
>wrong with the switch. The VoIP provider maintains there instruments are
>fine. What else can help me here apart from routine wireshark/ethereal?
>Yesterday, we forced the Switch provider to change the four switches from
>one non-cisco type to another (again non-cisco) but quite renowned.
>My concern is, if the problems recurs...the cat comes again out of the
>it would be a big mystery to solve for which I have no clue.
>This List Sponsored by: Cenzic
>Need to secure your web apps?
>Cenzic Hailstorm finds vulnerabilities fast.
>Click the link to buy it, try it or download Hailstorm for FREE.
>http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160 0000008bOW

This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]