Thanks Jonathan, the problem is solved. See below.
Just a remark on one of your point:
"The successful ping-by-name does not prove you are pinging through the
switch to the DSL modem to the Internet because the name could be resolved
by name-cache or hosts file or even a DNS server on one of the other PCs
plugged into your switch. "
1) I checked for presence of a host file
2) I cleaned up the client cache (ipconfig /flushdns)
3) I made sure that all servers where pointing to DNS servers OUTSIDE of my
LAN
When pinging any of my servers from the Internet (using a dial-up account)
I would get a response of 3000 ms or greater.
So this gave me a hint that it was a peformance or packet loss of some sort.
So I switched to a multiport repeater (hub)
to rule out the possibility of a malfunction of the 2 switches. The rest of
the troubleshooting is shown below:
----------------------------------------------------------------------------
-----------------
Thanks to everyone for the suggestions. The mystery is solved.
Here are my troubleshooting steps:
1) I got a 10 BaseT hub and I plugged the cable modem and all the computers
in there.
2) I was not able to ping the default gateway. But I was able to ping any
computers from any other computers.
3) I examined hub; one of the ports, port 3, was showing unusual Link
activity. (The hub has 5 ports)
I plugged in a network monitor and found out that the PC on port 3 was
sending 45 broadcast/seconds!
4) I examined the capture and found that the broadcasts were arp requests to
the default gateway!!!!
5) I then examined the arp cache of the PC and found the following:
63.162.86.1 00-00-00-00-00-00 invalid
6) I deleted the entry and created a static (permanent) arp entry for the
default gateway
7) I did another network capture: this time the PC was sending TCP traffic
out to random sites on the internet at a rate of
5,569 bytes per seconds!!!!
8) I went to Microsoft Website and searched their latest security bulletin
looking for symptoms of virus infection
9)I did not have the symptoms of increased CPU activity but when I did a
scan on my PC I found the file "root.exe" under d:\inetpub\wwwroot\
(This file belongs to the Code Red Virus)
10) I cleaned up and patched up the PC; everyone was then able to ping the
default gateway.
-----
What I learned: If I had moved to network capture analysis earlier in the
process I could have saved myself a lot of work!!!
What I still need to understand: how did the broadcast of the infected
machine prevent other machines to ping the default gateway on the switch ?
(please note that all the machines -- even the infected machine-- were able
to ping each other while on the switch)
-----Original Message-----
From: Jonathan Hays [mailto:[EMAIL PROTECTED]]
Sent: Monday, September 03, 2001 10:39 AM
To: Pierre-Alex
Subject: Re: DSL / Cisco Switches [7:18267]
Pierre-Alex,
Let's dig into the details of your problem.
If you can plug your PC into the DSL modem's Ethernet port with a
crossover cable and operate successfully you know that the PC and the DSL
modem are not the problem. You also know that both the DSL's and the PC's
ports are MDI ports. Why? Normally you use a straight-through cable from the
PC NIC MDI port to a switch or hub's MDI-X port.. A crossover cable is used
to connect MDI to MDI ports (2 PCs) or to connect MDI-X to MDI-X ports (2
switches).
Next you say you connected your PC (and other PCs) into a switch with a
straight-through cable and then you connected the switch to the DSL modem
with another straight-through cable. Now you can ping by name but the ping
times out.
Are you getting a link light on the switch port connected to each PC and
to the DSL modem?
This is not a good troubleshooting technique at this point. The successful
ping-by-name does not prove you are pinging through the switch to the DSL
modem to the Internet because the name could be resolved by name-cache or
hosts file or even a DNS server on one of the other PCs plugged into your
switch. A better troubleshooting technique would be to stick with IP
addresses. It would be best to ping to the IP address of the router on the
other end of the DSL connect at the ISP. (Some other Internet address would
work, providing the ISP hasn't blocked ICMP echo and echo-reply (ping) to
the Internet.) Use traceroute or tracert (depending on the PC's OS) and you
will see where the connection quits.
Try isolating the problem to a box before you get too deep into your
troubleshooting. Replace the switch with a simple hub and see if the hub
works. If so, someone may have configured some VLANs on the switch. Take a
look at the switch configuration. Or you may have a bad port on the switch.
Or the UPLINK button may be IN when it should be OUT.
What kind of switch is it?
HTH,
Jonathan
Pierre-Alex wrote:
I have a DSL connection and multiple ip addresses.
When I plug any computer directly to the DSL modem (with a cross over
cable)
everything works fine. However when I plug all of the computers and the
DSL
modem to the
switch (with straight through cables) I get "time out" responses when
pinging the default gateway.
If I ping by name (e.g, ping yahoo.com) I get the name resolved, but the
pings time out.
It has been a week of troubleshooting and still no light! Anyone?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18333&t=18267
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
