[c-nsp] Weird Web Browsing Issues On ADSL Circuit
Dominic
dominic at broadconnect.ca
Thu Apr 29 12:13:35 EDT 2010
Hi Everyone:
I have an ADSL customer who uses a Cisco 1841 CPE for Bonded ADSL. Circuit has worked perfectly for the past one year, but all of a sudden, out of nowhere, web browsing suddenly stopped working! yesterday
Now, every other type of traffic -VPN, FTP, SMTP, PING, DNS, etc - still works just fine! In fact, web browsing also works fine for the first ONE minute after the router it started. After one minute, all web browsing stops! Doesn't matter if you are going through NAT or not. Doesn't matter if you connect the entire LAN, or just one PC.
Interesting .. when I use a different CPE to terminate the circuit -Netopia- web browsing works just fine! But when I plug the Cisco 1841, web browsing stops.
No, defective hardware is ruled out. Already swapped the Cisco 1841. And no, nothing has changed on the ISP side. And yes, there are many other customers on the same ADSL network who are using the exact same CPE configuration.
Any ideas? Please help: LNS-Side and CPE config below.
Dominic
LNS CONFIG
vpdn-group Telco1-ADSL
! Default L2TP VPDN group
accept-dialin
protocol l2tp
...
ip pmtu
ip mtu adjust
-------------------
interface Virtual-Template1
description Telco1-ADSL-STATIC
mtu 1492
...
ip verify unicast reverse-path
ip tcp adjust-mss 1420
...
ppp mtu adaptive
ppp multilink
-----------------------
CPE CONFIG
shwo config config
Using 4863 out of 196600 bytes
!
!
version 15.0
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname xxxx
!
boot-start-marker
boot system flash:c1841-ipbasek9-mz.150-1.M.bin
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 XXXXX
!
no aaa new-model
clock timezone est -5
clock summer-time edt recurring
dot11 syslog
no ip source-route
no ip gratuitous-arps
ip icmp rate-limit unreachable 1000
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.20
!
ip dhcp pool LANSUBNET
network 192.168.1.0 255.255.255.0
dns-server X.X.X.X X.X.X.X
default-router 192.168.1.1
!
!
ip cef
no ip bootp server
no ip domain lookup
ip domain name XXXXX
ip name-server XXXXX
ip name-server XXXXX
multilink bundle-name authenticated
!
license udi pid CISCO1841 sn FHK100350RD
archive
log config
hidekeys
path ftp://XXXXX/cisco.customer.backups/XXXXX.runningconfig
write-memory
time-period 43200
username XXXXX privilege 15 secret 5 XXXXX
!
!
ip tcp synwait-time 10
ip ftp username XXXXX
ip ftp password 7 XXXXX
ip ssh time-out 60
ip ssh version 2
!
class-map match-all to.XXXVOIP.CLASS
description Traffic to XXXVOIP
match access-group 100
class-map match-all from.XXXVOIP.CLASS
description Traffic From BCT VOIP
match access-group 101
!
!
policy-map from.XXXVOIP.POLICY
class from.XXXVOIP.CLASS
priority percent 75
policy-map to.XXXVOIP.POLICY
class to.XXXVOIP.CLASS
priority percent 75
!
!
!
!
!
interface FastEthernet0/0
description LAN Network
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
no ip virtual-reassembly
duplex auto
speed auto
no mop enabled
service-policy output from.XXXVOIP.POLICY
!
interface FastEthernet0/1
description Public Lan Interface
ip address X.X.X.X 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
duplex auto
speed auto
no mop enabled
service-policy output from.XXXVOIP.POLICY
!
interface ATM0/0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
no atm ilmi-keepalive
dsl enable-training-log
hold-queue 224 in
bundle enable
!
!
interface ATM0/0/0.1 point-to-point
description ADSL #2 XXXXX
no ip redirects
no ip unreachables
no ip proxy-arp
pvc 0/35
pppoe-client dial-pool-number 1
!
!
interface ATM0/1/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
no atm ilmi-keepalive
!
interface ATM0/1/0.1 point-to-point
description ADSL #1 XXXXX
no ip redirects
no ip unreachables
no ip proxy-arp
pvc 0/35
pppoe-client dial-pool-number 1
!
!
interface Dialer1
ip address negotiated
ip nat outside
no ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer-group 1
ppp authentication pap callin
ppp pap sent-username XXXXX at DOMAIN password 7 XXXXX
ppp ipcp dns request
ppp multilink
ppp multilink links maximum 2
ppp multilink links minimum 1
ppp multilink load-threshold 1 either
ppp multilink interleave
ppp multilink fragment delay 10
no cdp enable
service-policy output to.XXXVOIP.POLICY
!
no ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
!
logging trap debugging
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 99 permit XXXXX
access-list 99 permit XXXXX
access-list 100 permit ip any X.X.X.X 0.0.0.31
access-list 101 permit ip X.X.X.X 0.0.0.31 any
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
no cdp run
!
!
control-plane
!
banner login ^CCC==============================================
= WARNING! WARNING! WARNING! WARNING! =
= UNAUTHORIZED ACCESS STRICTLY PROHIBITED! =
= All connections and keystrokes logged =
==============================================
^C
!
line con 0
login local
line aux 0
line vty 0 4
access-class 99 in
login local
transport input ssh
line vty 5 15
access-class 99 in
no login
transport input ssh
!
scheduler allocate 4000 1000
end
More information about the cisco-nsp
mailing list