Transparent (or explicit) cache/proxy somewhere? What happens if you simulate an HTTP transaction via telnet?

On Thu, Apr 29, 2010 at 9:13 AM, Dominic <domi...@broadconnect.ca> wrote:
> Hi Everyone:
>
> I have an ADSL customer who uses a Cisco 1841 CPE for Bonded ADSL. Circuit
> has worked perfectly for the past one year, but all of a sudden, out of
> nowhere, web browsing suddenly stopped working! yesterday
>
> Now, every other type of traffic -VPN, FTP, SMTP, PING, DNS, etc - still
> works just fine! In fact, web browsing also works fine for the first ONE
> minute after the router is started. After one minute, all web browsing
> stops! Doesn't matter if you are going through NAT or not. Doesn't matter if
> you connect the entire LAN, or just one PC.
>
> Interesting .. when I use a different CPE to terminate the circuit
> -Netopia- web browsing works just fine! But when I plug the Cisco 1841, web
> browsing stops.
>
> No, defective hardware is ruled out. Already swapped the Cisco 1841. And
> no, nothing has changed on the ISP side. And yes, there are many other
> customers on the same ADSL network who are using the exact same CPE
> configuration.
>
> Any ideas? Please help: LNS-Side and CPE config below.
>
> Dominic
>
> LNS CONFIG
> vpdn-group Telco1-ADSL
> ! Default L2TP VPDN group
> accept-dialin
> protocol l2tp
> ...
> ip pmtu
> ip mtu adjust
> -------------------
> interface Virtual-Template1
> description Telco1-ADSL-STATIC
> mtu 1492
> ...
> ip verify unicast reverse-path
> ip tcp adjust-mss 1420
> ...
> ppp mtu adaptive
> ppp multilink
> -----------------------
>
> CPE CONFIG
>
> shwo config config
> Using 4863 out of 196600 bytes
> !
>
> !
> version 15.0
> service tcp-keepalives-in
> service tcp-keepalives-out
> service timestamps debug datetime msec localtime show-timezone
> service timestamps log datetime msec localtime show-timezone
> service password-encryption
> service sequence-numbers
> !
> hostname xxxx
> !
> boot-start-marker
> boot system flash:c1841-ipbasek9-mz.150-1.M.bin
> boot-end-marker
> !
> logging buffered 51200
> logging console critical
> enable secret 5 XXXXX
> !
> no aaa new-model
> clock timezone est -5
> clock summer-time edt recurring
> dot11 syslog
> no ip source-route
> no ip gratuitous-arps
> ip icmp rate-limit unreachable 1000
> !
> !
> no ip dhcp use vrf connected
> ip dhcp excluded-address 192.168.1.1 192.168.1.20
> !
> ip dhcp pool LANSUBNET
> network 192.168.1.0 255.255.255.0
> dns-server X.X.X.X X.X.X.X
> default-router 192.168.1.1
> !
> !
> ip cef
> no ip bootp server
> no ip domain lookup
> ip domain name XXXXX
> ip name-server XXXXX
> ip name-server XXXXX
> multilink bundle-name authenticated
> !
> license udi pid CISCO1841 sn FHK100350RD
> archive
> log config
> hidekeys
> path ftp://XXXXX/cisco.customer.backups/XXXXX.runningconfig
> write-memory
> time-period 43200
> username XXXXX privilege 15 secret 5 XXXXX
> !
> !
> ip tcp synwait-time 10
> ip ftp username XXXXX
> ip ftp password 7 XXXXX
> ip ssh time-out 60
> ip ssh version 2
> !
>
> class-map match-all to.XXXVOIP.CLASS
> description Traffic to XXXVOIP
> match access-group 100
> class-map match-all from.XXXVOIP.CLASS
> description Traffic From BCT VOIP
> match access-group 101
> !
> !
> policy-map from.XXXVOIP.POLICY
> class from.XXXVOIP.CLASS
> priority percent 75
> policy-map to.XXXVOIP.POLICY
> class to.XXXVOIP.CLASS
> priority percent 75
> !
> !
> !
> !
> !
> interface FastEthernet0/0
> description LAN Network
> ip address 192.168.1.1 255.255.255.0
> no ip redirects
> no ip unreachables
> no ip proxy-arp
> ip nat inside
> no ip virtual-reassembly
> duplex auto
> speed auto
> no mop enabled
> service-policy output from.XXXVOIP.POLICY
> !
> interface FastEthernet0/1
> description Public Lan Interface
> ip address X.X.X.X 255.255.255.248
> no ip redirects
> no ip unreachables
> no ip proxy-arp
> duplex auto
> speed auto
> no mop enabled
> service-policy output from.XXXVOIP.POLICY
> !
> interface ATM0/0/0
> no ip address
> no ip redirects
> no ip unreachables
> no ip proxy-arp
> no atm ilmi-keepalive
> dsl enable-training-log
> hold-queue 224 in
> bundle enable
> !
> !
> interface ATM0/0/0.1 point-to-point
> description ADSL #2 XXXXX
> no ip redirects
> no ip unreachables
> no ip proxy-arp
> pvc 0/35
> pppoe-client dial-pool-number 1
> !
> !
> interface ATM0/1/0
> no ip address
> no ip redirects
> no ip unreachables
> no ip proxy-arp
> no atm ilmi-keepalive
> !
> interface ATM0/1/0.1 point-to-point
> description ADSL #1 XXXXX
> no ip redirects
> no ip unreachables
> no ip proxy-arp
> pvc 0/35
> pppoe-client dial-pool-number 1
> !
> !
> interface Dialer1
> ip address negotiated
> ip nat outside
> no ip virtual-reassembly
> encapsulation ppp
> dialer pool 1
> dialer idle-timeout 0
> dialer-group 1
> ppp authentication pap callin
> ppp pap sent-username xx...@domain password 7 XXXXX
> ppp ipcp dns request
> ppp multilink
> ppp multilink links maximum 2
> ppp multilink links minimum 1
> ppp multilink load-threshold 1 either
> ppp multilink interleave
> ppp multilink fragment delay 10
> no cdp enable
> service-policy output to.XXXVOIP.POLICY
> !
> no ip forward-protocol nd
> !
> no ip http server
> no ip http secure-server
> !
> ip nat inside source list 1 interface Dialer1 overload
> ip route 0.0.0.0 0.0.0.0 Dialer1
> !
> logging trap debugging
> access-list 1 permit 192.168.1.0 0.0.0.255
> access-list 1 permit 192.168.0.0 0.0.0.255
> access-list 99 permit XXXXX
> access-list 99 permit XXXXX
> access-list 100 permit ip any X.X.X.X 0.0.0.31
> access-list 101 permit ip X.X.X.X 0.0.0.31 any
> dialer-list 1 protocol ip permit
> dialer-list 2 protocol ip permit
> no cdp run
>
> !
> !
> control-plane
> !
> banner login ^CCC==============================================
> = WARNING! WARNING! WARNING! WARNING! =
> = UNAUTHORIZED ACCESS STRICTLY PROHIBITED! =
> = All connections and keystrokes logged =
> ==============================================
> ^C
> !
> line con 0
> login local
> line aux 0
> line vty 0 4
> access-class 99 in
> login local
> transport input ssh
> line vty 5 15
> access-class 99 in
> no login
> transport input ssh
> !
> scheduler allocate 4000 1000
> end
> _______________________________________________
> cisco-nsp mailing list cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
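
The telnet test suggested in the reply can be scripted so that it also records the point at which the exchange stops and any headers an intermediary added. This is an added example, not part of the original thread; `probe`, `parse_head` and the `PROXY_HINTS` header list are names chosen here.

```python
import socket
import time

# Response headers that caches and proxies commonly add. A transparent
# proxy may add none, so an empty result does not rule one out.
PROXY_HINTS = ("via", "x-cache", "x-cache-lookup", "age")

def parse_head(raw):
    """Return (status_line, headers) from the start of a raw HTTP response."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers

def probe(host, port=80, path="/", timeout=10.0):
    """Do by hand what the telnet test does and record how far it gets.

    'stage' is the step in progress when the exchange ended: connect, send,
    first-byte (request sent, nothing came back), body (some data arrived,
    then it stalled) or complete (server closed the connection normally).
    """
    result = {"stage": "connect", "bytes": 0, "status": None, "proxy_headers": {}}
    data = b""
    start = time.monotonic()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            result["stage"] = "send"
            sock.sendall(f"GET {path} HTTP/1.0\r\nHost: {host}\r\n\r\n".encode("ascii"))
            result["stage"] = "first-byte"
            while chunk := sock.recv(4096):
                data += chunk
                result["stage"], result["bytes"] = "body", len(data)
            result["stage"] = "complete"
    except OSError as exc:  # timeouts, resets and refusals all land here
        result["error"] = f"{type(exc).__name__}: {exc}"
    result["elapsed_s"] = round(time.monotonic() - start, 3)
    if data:
        result["status"], headers = parse_head(data)
        result["proxy_headers"] = {k: v for k, v in headers.items() if k in PROXY_HINTS}
    return result

if __name__ == "__main__":
    import sys
    # Hostname comes from the command line; nothing is contacted otherwise.
    if len(sys.argv) > 1:
        print(probe(sys.argv[1]))
```

Run from a PC behind the 1841 and again behind the Netopia, a difference in `stage` or `proxy_headers` between the two shows where the HTTP exchange diverges.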