Intermittent intra-LAN connectivity

Dan Horne

Sorry for the long post, but I want to make sure I cover
everything:

2 weeks ago, a client began experiencing difficulties
with their local network. Pinging around inside to the
other desktops and their server produces strange
results. The first ping is almost always returned
immediately, followed by 3 timeouts. If you immediately
ping again, you get 100% loss. If you wait a few minutes
and try again, again you will get 1 followed by none.
This occurs for all computers EXCEPT MAIN SERVER and
except the gateway. There is a file server that also
experiences this problem. The clients cannot get files
off of the server due to connections dropping.

SETUP:
There are 2 servers (1 W2K3SBE, 1 W2K), 5 XP Pro stations,
2 Mac desktops and 2 Mac PBooks all running OS X. The
W2K3 server and the gateway are in our server room, and
the rest is 15 floors down in their office, connected by
a single Cat5e cable (they never have a problem
contacting the server or the gateway, though). The
clients had a mixture of switches and hubs in their
office. The gateway is a Cisco PIX 515, and the clients
are connected to a dedicated interface on that firewall
and are port-address-translated to a dedicated public
address.

I HAVE TRIED:
1. Replaced all hubs with switches. No change.
2. Temporarily replaced all switches with hubs and ran a
packet sniffer. I saw NO unusual traffic, and not a
whole lot of it (about what would be expected from such a
small network).
3. Tested the long line for attenuation. Signal is good.
4. Only one of the switches is a "smart switch" (the one
connected to the server and gateway and the long cable),
but I am seeing no collisions or errors on any port on
that switch.
5. Turned off computers one-at-a-time (including servers)
to see if any single computer was the source. No change.
6. Disconnected switches one-at-a-time to see if any LAN
segment was responsible. No change on any segment.
7. Plugged into different interface on the firewall. No
change.

OBSERVATIONS:
1. The problem began when the firewall began refusing all
connections for all interfaces and was rebooted. The
problem does not show up on any other network connected
to the firewall.
2. The clients have a good, fast internet connection
through the firewall with no packet loss.
3. The Macs seem to be "offline" more than the Windows
stations, but all of the comps are up-and-down.
 
serverguy

Just for yucks, have you checked the link speed/duplex settings on all the
pcs and ports and forced them to a set speed rather than using Auto?
 
Dan Horne

-----Original Message-----
Just for yucks, have you checked the link speed/duplex settings on all the
pcs and ports and forced them to a set speed rather than
using Auto?

Yes, I forced all applicable ports to the proper speed
(10/FULL for the firewall, 100/FULL for all others). I
am seeing no collisions or errors on the managed switch-
ports. The problems are continuing, however.

Thanks for your suggestion.
 
Phillip Windell

You can't "mix and match". Whatever you set them to, must be set the same
for all. If you run only 10mbps hubs then 10mbps is all you can ever do.
It will always be the lowest common denominator that you have to go by.

If you leave 100mbps NICs in the workstations, replace the Hubs/Switches
with 100mbps units and yank out the Gigabit Nics and replace them with
100mbps Nics so that everything now matches, you will probably be fine
leaving all set to "Auto" after that.
 
Ed Horley

What version code are you running on the PIX? Also, on the managed switch
turn on local logging functions, if it is a cisco switch use:
logging buf 4096 debug

Then do: show log

Since you are physically 15 floors away (20' per floor x 15 floors = 300ft
or so) you might want to see if you are getting late collisions on the
interface that has the long cable.

Also, double check that all the subnets are correct for all the interfaces.
If there was a change in the DHCP scope and the wrong subnet is in there it
could cause you some problems since all the broadcast addresses on the
workstations would be different than the network gear.

I would also plug a laptop (with a sniffer) directly on the end of the long
cable and see if you can see all the traffic you expect to see on the
network. I would give the laptop an ip address and see if you can ping the
FW and server and have the sniffer capture the results.

Regards,
Ed
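
The subnet check suggested in the post above can be scripted. This is an added example, not part of any post in this thread: it compares each device's configured address and mask against the gateway's and reports the broadcast-address mismatch described. The device names and addresses are constructed, since the thread gives no addressing details.

```python
import ipaddress

# Constructed sample inventory (not from the thread): device name ->
# "address/netmask" as configured on its LAN interface.
SAMPLE_INVENTORY = {
    "pix-inside":  "192.168.10.1/255.255.255.0",
    "main-server": "192.168.10.10/255.255.255.0",
    "file-server": "192.168.10.11/255.255.255.0",
    "xp-01":       "192.168.10.101/255.255.255.0",
    "xp-02":       "192.168.10.102/255.255.0.0",      # mask too wide
    "mac-01":      "192.168.10.150/255.255.255.128",  # mask too narrow
    "mac-02":      "192.168.11.20/255.255.255.0",     # wrong network
}


def audit_subnets(inventory, reference):
    """Return {device: [problems]} for devices that disagree with `reference`."""
    ref = ipaddress.ip_interface(inventory[reference])
    ref_bcast = ref.network.broadcast_address
    findings = {}
    for name, cfg in inventory.items():
        iface = ipaddress.ip_interface(cfg)
        net = iface.network
        problems = []
        if net != ref.network:
            problems.append(f"network {net} differs from {ref.network}")
        if net.broadcast_address != ref_bcast:
            # Broadcasts from this host go to an address its neighbours ignore.
            problems.append(
                f"broadcast {net.broadcast_address} differs from {ref_bcast}")
        if ref.ip not in net:
            # The host has no on-link route to the gateway address.
            problems.append(f"gateway {ref.ip} is off-link for this host")
        if problems:
            findings[name] = problems
    return findings


if __name__ == "__main__":
    for device, problems in audit_subnets(SAMPLE_INVENTORY, "pix-inside").items():
        for problem in problems:
            print(f"{device}: {problem}")
```

A mask that is too narrow can leave the broadcast address unchanged while still putting the gateway off-link, which is why the check reports the three conditions separately.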
 
Dan Horne

Thanks for the suggestions. One thing that it all comes
back to is that the LAN works normally when the "long
line" is unplugged.

We are going to run a new line down there today, but this
time we are going to put in a switch on the 7th floor to
act as a repeater.
 
