If DNS always works but web-browsing doesn't to certain sites,
that slightly points to a PMTU issue where ICMP is being blocked
or an issue where you have a mismatch in MTU on a local network.
Are the addresses listed in your config real? If so, are all the
hidden addresses real globally routable addresses? If not, are
they being NAT'd or proxied at any point?
I'm not exactly clear about what your atm map-group related commands
do to traffic on that BVI, but I believe they are innocent.
As far as your config looks, other than the questions raised above,
nothing looks like it would be causing your symptoms. Ie, the config
on this particular router is probably not the culprit.
On 08-Nov-2001, Bruce Williams wrote:
> Has anyone ever seen a problem where you can browse to only a few web
sited.
> DNS is resolving correctly but some sites are just not accessible. There is
> no
> firewall or access-list or anything else that would restrict access.
>
> I have a DSL connection over ATM to a Cisco 3620 configured for Integrated
> Routing and Bridging. It bridges on the ATM interface and routes to the
ISP
> on the FastEthernet Interface. Users on the other side of the DSL/ATM cloud
> can browse to certain web sites, but most sites are not accessible. The
> config
> of the 3620 is pasted below. Again, I am confident that it is not a DNS
> issue.
>
> Router#show run
> Building configuration...
>
> Current configuration:
> !
> version 12.1
> service timestamps debug uptime
> service timestamps log uptime
> no service password-encryption
> !
> hostname Router
> !
> enable password bani
> !
> !
> !
> !
> !
> ip subnet-zero
> no ip domain-lookup
> !
> ip audit notify log
> ip audit po max-events 100
> cns event-service server
> !
> !
> bridge irb
> !
> !
> !
> !
> !
> !
> !
> interface ATM0/0
> mtu 1500
> no ip address
> no ip mroute-cache
> map-group test
> atm pvc 1 1 34 aal5snap oam 10
> no atm ilmi-keepalive
> no scrambling-payload
> bridge-group 1
> !
>
> interface ATM0/1
> no ip address
> no ip mroute-cache
> shutdown
> no atm ilmi-keepalive
> no scrambling-payload
> !
> interface ATM0/2
> no ip address
> no ip mroute-cache
> shutdown
> no atm ilmi-keepalive
> no scrambling-payload
> !
> interface ATM0/3
> no ip address
> no ip mroute-cache
> shutdown
> no atm ilmi-keepalive
> no scrambling-payload
> !
> interface FastEthernet1/0
> ip address 170.x.x.x 255.255.255.192
> no ip mroute-cache
> duplex auto
> speed auto
> !
> interface BVI1
> ip address 66.x.x.x 255.255.255.240
> !
>
> ip classless
> ip route 0.0.0.0 0.0.0.0 170.x.x.x
> no ip http server
> !
> !
> map-list test
> ip 66.x.x.x atm-vc 1 broadcast
> access-list 101 permit ip 66.x.x.x 0.0.0.15 any
> !
> bridge 1 protocol ieee
> bridge 1 route ip
> !
> line con 0
> transport input none
> line aux 0
> password xxxx
> login
> modem InOut
> modem autoconfigure discovery
> transport input all
> speed 1200
> flowcontrol hardware
> line vty 0 4
> password xxx
> login
> !
> end
--
---------------------------------------------------------------------------
** Andrew W. Smith ** [EMAIL PROTECTED] ** Chief Network Engineer **
** http://www.neosoft.com/neosoft/staff/andrew ** 1-888-NEOSOFT **
** NeoSoft, Inc. An Internet America Company 1-800-BE-A-GEEK **
** "Opportunities multiply as they are seized" - Sun Tzu **
---------------------------------------------------------------------------
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=25730&t=25719
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
