Security Basics mailing list archives

RE: Peculiar Unresponsivness of IP


From: "Eric Pinkerton" <EPinkerton () soulaustralia com au>
Date: Fri, 21 Dec 2007 11:59:52 +1100


I would run a Cache flow on the internet router during the downtime and
see if you pick up anything unusual - i.e. is it being DoSed? Purposely
or accidentally!

Can you connect to the Nortel VPN, via console, or internal address and
ping the switch during these incidents?

Are there any debugs on the Nortel VPN you can run to see exactly what
it is doing during these times?

Also think about spanning the port on the switch (or using a hub) and
doing a packet capture with Wireshark to see what happens - you may be
able to identify a particular packet that sets it off - perhaps somehow
crashing a service or process.

This could even happen if something in the VPN appliance was overheating
- is the box particularly busy when this happens?  Is your A/C cutting
the mustard?

Keep a log, and see if you can establish any pattern whatsoever - (I
once heard a story about a link that went down every time there was a
full moon!  After years of head scratching, a member of staff who was
into rowing noticed it was happening during the king tides; it turned
out that a laser link was being obstructed by the HMS Belfast... a
battleship moored on the banks of the Thames in London.)


Eric Pinkerton

