Security Basics mailing list archives

Re: Peculiar Unresponsiveness of IP


From: Kartik <kartik.netsec () gmail com>
Date: Fri, 21 Dec 2007 17:01:38 +0530

Hi All,

To Bennett- we already tried some of the things like speed/duplex,
different switchport, unplug and plugin the cable etc.

To Michael Bellears- During the outage, when we ping the IP address
from the internet we get "Request Timed Out" but at the same time the
device is pingable from inside network. The device can also ping the
switch at that time.

To Eric Pinkerton- The VPN device is connected via a console, and at
the time of outage the VPN device is able to ping the switch. We also
tried capturing the packets via wireshark last week and found some STP
protocol loop, we rectified it, we also disabled the CDP protocol as
it was generating a lot of packets. Despite this, the problem
exists.

To Ong Chin Kiat- We can not alter the topology as the datacenter/site
is in a different country. Nothing has been changed on the branch
office tunnels. Can a virus or a worm flood the VPN device
like that? Since the data will be tunneled and encrypted, I think this
can not be the case. What do you say? And as far as logs are
concerned, we checked the logs and didn't find anything. We also opened
a ticket with Nortel and sent the logs to them but unfortunately they
also said "Everything looks to be good".

On Dec 20, 2007 6:41 PM, Kartik <kartik.netsec () gmail com> wrote:
Hi,

We have been facing a peculiar issue for the last 15 days. What happens
is that ONE of our Public IP addresses which is assigned to a Nortel
VPN device gets unreachable (request timed out) for 2-3 MINUTES after
every 5 to 10 HOURS. It adversely affects the Branch Office VPN
tunnels the moment the Public IP assigned to it gets unresponsive from
the internet.

The setup is like this:

<Internet cloud> --- <Cisco Internet Router which is inside our Network> --- <Cisco Switch> --- <Nortel VPN Device> --- <Firewall> --- <LAN>

(Plz note that this setup has been running since last 3-4 yrs without a problem)

Interestingly, When we try pinging the device (Public IP) from the
internet we get "request time out" at the time of outage but at the
same time when we try to ping the device from inside network, we are
able to ping it.

In short, when the outage occurs:

1) we are able to ping the Internet Router
2) we are able to ping the Switch IP from the Router (for testing
purpose we gave the public IP to switch and at the time of outage the
public IP of switch is pingable)
3) we are NOT able to ping the Nortel VPN device
4) we are able to ping the Nortel VPN device from INSIDE NETWORK
5) we are able to ping the SWITCH from Nortel VPN device at the time of outage

The most interesting part of it is that this outage lasts for only 2-3
minutes and the connectivity automatically gets restored after 2-3
minutes. We can't even presume when this outage will happen again.
Sometimes the duration between the outages was 5hrs, sometimes 8hrs
and sometimes even 16hrs.

We opened a ticket with Nortel technical support and after all the
analysis they said that the VPN device is working fine. We also
checked the Cisco Switch and it also seems to be OK.

Please suggest.

--
Thanx,
Kartik
www.hcl.in
+1 408 416 2089 X 5313
+91 9810998169
