• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

Help with T1 connection constantly dropping...

J

jyi786

Supreme [H]ardness
2FA
Joined
Jun 13, 2002
Messages
5,847
I have a Covad T1 connection, with a Netopia router and a Netscreen firewall, all supplied by Covad. Covad administers both of them, so I have no access.

Here is the problem. At random intervals, during the day, the internet connection will just drop. No ping commands work, as there is no IP address (using DHCP from the router). However, the actual physical connection does not drop. Let me explain a bit further. This is how I am setup:

T1 Line > Covad router > Netscreen firewall > switch/hub (distribution)

I have 3 computers NOT behind the firewall. They are connected directly to the Covad router. When the connection drops, these computers work perfectly fine.

Also, when the internet does work, I ping the firewall. I get massive packet loss:

Reply from 68.164.103.130: bytes=32 time=16ms TTL=64
Reply from 68.164.103.130: bytes=32 time<10ms TTL=64
Reply from 68.164.103.130: bytes=32 time=16ms TTL=64
Reply from 68.164.103.130: bytes=32 time<10ms TTL=64
Reply from 68.164.103.130: bytes=32 time<10ms TTL=64
Reply from 68.164.103.130: bytes=32 time=16ms TTL=64
Reply from 68.164.103.130: bytes=32 time<10ms TTL=64
Reply from 68.164.103.130: bytes=32 time=32ms TTL=64
Reply from 68.164.103.130: bytes=32 time<10ms TTL=64
Reply from 68.164.103.130: bytes=32 time=16ms TTL=64
Reply from 68.164.103.130: bytes=32 time<10ms TTL=64
Reply from 68.164.103.130: bytes=32 time<10ms TTL=64
Reply from 68.164.103.130: bytes=32 time<10ms TTL=64
Request timed out.
Request timed out.
Request timed out.
Reply from 68.164.103.130: bytes=32 time=625ms TTL=64
Reply from 68.164.103.130: bytes=32 time<10ms TTL=64
Reply from 68.164.103.130: bytes=32 time<10ms TTL=64
Reply from 68.164.103.130: bytes=32 time<10ms TTL=64

Ping statistics for 68.164.103.130:
Packets: Sent = 69729, Received = 593, Lost = 69136 (99% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1500ms, Average = 1ms
Control-Break


This is pinging the firewall. Why do I get so much packet loss, and why does the internet get dropped randomly for computers BEHIND the firewall, but not for those NOT behind it?

Thanks.
 
its definately a problem with the firewall. Does it have all the most recent updates? have you power cycled the firewall?

B
 
Netscreen firewall, all supplied by Covad. Covad administers both of them, so I have no access
Click to expand...

Can we assume you'd called them and asked about the problem and supplied them with all the information (ping log and such) since you are most likely paying them a great deal of money for their services?

Seriously, the problem seems to be with a device they have full control over, call them up and find out why.
 
Yes I did call them, and have been on the phone non-stop. They have not helped me one bit. They sent 3 technicians at different intervals. They changed the router each time, and made some adjustments that didn't help. Covad even said there was a problem with my wiring; I got my whole place re-wired with Cat 5-E duplex wiring, and it still didn't help. :(
 
ajm786 said:
Yes I did call them, and have been on the phone non-stop. They have not helped me one bit. They sent 3 technicians at different intervals. They changed the router each time, and made some adjustments that didn't help. Covad even said there was a problem with my wiring; I got my whole place re-wired with Cat 5-E duplex wiring, and it still didn't help. :(
Click to expand...


Have they done anything with the firewall directly?
 
Did you honestly have to post that entire ping log?
the tally at the end would have sufficed



It has to be a problem with the firewall, because as you say yourself the machines outside the firewall are fine.

Has covad replaced the firewall? or just the router?
 
If you would have it, I edited it to take out a large majority of the ping log. Sorry about that. :p

Covad just replaced the router, not the firewall.

Now get this. When I go home and ping the IP address of the firewall, I get less than a 5% packet loss. :confused: That's really got me confused. Why don't one of you try it and tell me what you get?
 
pinging now.....

Little packet loss, but in short bursts the ping time is greater then 1second (really bad)

--- 68.164.103.130 ping statistics ---
36 packets transmitted, 35 received, 2% packet loss, time 35006ms
rtt min/avg/max/mdev = 56.064/2614.481/7402.348/2296.567 ms, pipe 8


EDIT
Another run, this time I did 100, half a second between sending the packets

--- 68.164.103.130 ping statistics ---
100 packets transmitted, 99 received, 1% packet loss, time 49941ms
rtt min/avg/max/mdev = 53.609/2662.569/6684.763/2033.480 ms, pipe 14
 
Xipher said:
pinging now.....

Little packet loss, but in short bursts the ping time is greater then 1second (really bad)

--- 68.164.103.130 ping statistics ---
36 packets transmitted, 35 received, 2% packet loss, time 35006ms
rtt min/avg/max/mdev = 56.064/2614.481/7402.348/2296.567 ms, pipe 8
Click to expand...


This = bad firewall?
 
ajm786 said:
This = bad firewall?
Click to expand...

When you have something taking that long to respond to a ping, something is flaky, esspecially when it doesn't match other points, which were as low as 57. unless its under a heavy load, it shouldn't be that bad.
 
Right on the page says:


It can also identify 2 serious error conditions:

* Duplex Mismatch
* Excessive packet loss due to faulty cables.
Click to expand...


Just an idea, try checking the cable if you havn't already.
 
Slawterr said:
Just an idea, try checking the cable if you havn't already.
Click to expand...

Personally I would have thought the company he is working with would have done that already, still should have mentioned something. (Says I slapping my forhead)
 
ajm786 said:
Covad even said there was a problem with my wiring; I got my whole place re-wired with Cat 5-E duplex wiring, and it still didn't help. :(
Click to expand...


I already mentioned this earlier on. Running the test said that there were no faulty cables found.
 
A couple of suggestions. You say that convad has replaced their CSU/DSU (If you have a T1 the covad router is probably acting as the CSU/DSU and router of some sort) Have you triend replacing the Netscreen Firewall? Or better yet can you setup a time after buisness hours to remove the firewall altogether and run in the open? This might help narrow things down. Another thing you can request from your T1 provider is for the monitor your T1 for a 24 hour period. T1's can get whats called errored seconds(ES) or Severely Errored Seconds(SES) which can cause much havoc with data connections. (Voice to but a little different) These errors will not bring the T1 down but can create the illusion of a dropped connection. having your T1 provider monitor the circuit for 24/48 hours will allow them to get a log of any errors that may occur on your circuit. Good luck
 
You must log in or register to reply here.
Back
Top