At 08:02 AM 2/5/2003 +0000, kaushalender wrote: >Hello group, > >Kindly resolve my confussion.I have cisco 2610 router.We r running >static routing with our service provider .Now what is happening that >suddely my http request stoped going out means there was no browsing on > lan and customer I was able to telnet every website on port 80 that >means i able to reach website till apllication layer from my pc .Now how >can i find out what is killing my http request in my network . and my >service provider is saying that from my side huge amount of routing >loops is coming but i have put whole announced network on ethernet. This >is the conf .PLz help me
If you had routing loops, everything would be broken, not just http. Try traceroutes from a site like route-views.oregon-ix.net into your network and likewise outbound to prove out your routing config. Beyond that, look at things that are impacting performance and layer 4 and above. Also, ask your ISP to clarify what they mean by loops. Given you run statically to them, I'm not sure what they mean. >sh run > >Building configuration... > > > >Current configuration : 4962 bytes > >! > >version 12.2 > >service timestamps debug datetime msec localtime show-timezone > >service timestamps log datetime msec localtime show-timezone > >service password-encryption > >! > >hostname Rainbow > >! > >logging buffered 10000 debugging > >no logging console > >aaa new-model > >aaa authentication login default local group radius > >aaa authorization exec default local group radius > >enable secret 5 $1$WyvH$D/U2xWxcDfbROyR7PtGXS1 > >enable password 7 000D0016457B525F56 > >! > >username rainbow password 7 095E4F0017071805 > > > >clock timezone GMT 5 > >clock summer-time GMT recurring > >ip subnet-zero > >no ip source-route > >ip wccp version 1 > >ip flow-cache timeout inactive 300 > >ip flow-cache timeout active 1 > >ip cef > >! > >! > >ip name-server 202.78.168.6 > >ip name-server 202.78.168.14 > > > >p name-server 202.54.15.1 > >! > >! > >class-map match-any http-hacks > > match protocol http url "*.ida*" > > match protocol http url "*cmd.exe*" > > match protocol http url "*root.exe*" > > match protocol http url "*readme.eml*" > >! > >! > >policy-map mark-inbound-http-hacks > > class http-hacks > > set ip dscp 1 > >! > > > >! > >interface Ethernet0/0 > > ip address 202.78.164.3 255.255.252.0 secondary > > ip address 202.54.194.65 255.255.255.224 secondary > > ip address 202.78.168.26 255.255.248.0 > > ip access-group 115 in > > ip access-group 115 out > > no ip proxy-arp > > rate-limit input access-group 121 48000 52000 52000 conform-action > >transmit exceed-action drop > > rate-limit input access-group 122 32000 32000 32000 conform-action > >transmit exceed-action drop > > rate-limit output access-group 110 64000 64000 64000 conform-action > >transmit exceed-action drop > > rate-limit output access-group 121 296000 300000 300000 conform-action > >transmit exceed-action drop > > rate-limit output access-group 122 32000 32000 32000 conform-action > >transmit exceed-action drop > > no ip mroute-cache > > full-duplex > > service-policy input mark-inbound-http-hacks > >service-policy output mark-inbound-http-hacks > > no cdp enable > >interface Serial0/0 > > bandwidth 512 > > no ip address > > no ip mroute-cache > > shutdown > > no fair-queue > >! > >interface Serial0/1 > > bandwidth 512 > > no ip address > > no ip route-cache > > no ip mroute-cache > > shutdown > >! > >interface Serial0/2 > > no ip address > > shutdown > >! > >interface Serial0/3 > > description "OASIS LINK" > >ip address 216.252.243.5 255.255.255.252 > > ip access-group 107 in > > ip access-group 107 out > > rate-limit input 64000 128000 128000 conform-action transmit > >exceed-action drop > > rate-limit output 64000 128000 128000 conform-action transmit > >exceed-action drop > > encapsulation ppp > >! > >interface Serial1/0 > > description Shapura Link > > ip address 216.252.243.1 255.255.255.252 > > ip access-group 107 in > > ip access-group 107 out > > rate-limit input 32000 32768 32768 conform-action transmit > >exceed-action drop > > > >interface Serial1/1 > > description DOIT LINK > > bandwidth 128 > > ip address 216.252.243.17 255.255.255.252 > >rate-limit input 32000 65536 65536 conform-action transmit exceed-action > >drop > > rate-limit output 32000 65536 65536 conform-action transmit > >exceed-action drop > > encapsulation ppp > > service-policy input mark-inbound-http-hacks > > service-policy output mark-inbound-http-hacks > >! > >nterface Serial1/2 > > no ip address > > shutdown > >! > >interface Serial1/3 > > description vsnl link > > ip address 202.54.192.66 255.255.255.252 > > ip access-group 115 in > > ip access-group 115 out > > encapsulation ppp > > service-policy input mark-inbound-http-hacks > > service-policy output mark-inbound-http-hacks > >!p flow-export source Ethernet0/0 > >ip flow-export version 5 peer-as > >ip flow-export destination 202.78.168.2 2055 > >ip classless > >ip route 0.0.0.0 0.0.0.0 202.54.192.65 > >ip route 202.78.160.0 255.255.252.0 203.129.200.193 > >ip route 202.78.167.0 255.255.255.240 202.78.164.2 > >ip route 202.78.167.8 255.255.255.248 202.78.164.2 > >ip route 202.78.173.0 255.255.255.248 216.252.243.18 > >ip route 202.78.173.8 255.255.255.248 216.252.243.10 > >ip route 202.78.173.24 255.255.255.248 216.252.243.2 > >ip route 202.78.173.248 255.255.255.248 216.252.243.14 > >ip route 202.78.175.0 255.255.255.224 216.252.243.6 >logging trap debugging >logging facility local1 >logging 202.78.168.2 >access-list 107 deny ip any any dscp 1 log >access-list 107 permit ip any any >access-list 115 deny tcp any any eq 1433 log >access-list 115 deny udp any any eq 1433 log >access-list 115 deny tcp any any eq 1434 log >access-list 115 deny udp any any eq 1434 log >access-list 115 permit ip any any >access-list 121 permit ip any 202.78.169.64 0.0.0.63 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62499&t=62490 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]