02-12-2003 08:51 PM - edited 03-02-2019 05:03 AM
I recently activated syslog logging on my 806 DSL router and have noticed my virtual access interface drops at least once daily, it'll do it for a minute or so then comes back up. I notice mostly because I'll be on the web and all of a sudden I'll lose connectivity, I'll check the syslog log and see the interface has dropped but it usually will come right back up and I'll have signal again. The only change I've done recently to the config was add an access list to block most icmp packets inbound, as well as disabling some services like http server, and a few other for security purposes.
It's done this before even before I did this changes, but seems like its more often now , it used to not drop daily, not its doing it every day. My question is, could anything in the config be causing this? or should I just blame it on the service provider or the DSL service/line itself?
Here's a copy of the log entries:
Feb 11 00:58:41 10.10.10.1 462: 2d23h: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down
Feb 11 00:58:42 10.10.10.1 463: 2d23h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to down
Feb 11 01:00:35 10.10.10.1 464: 2d23h: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up
Feb 11 01:00:37 10.10.10.1 465: 2d23h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up
Thanx
Louis
02-17-2003 07:23 AM
One thing in your config to check is the way you have defined "interesting traffic". Depending on how you have set this up, this could cause your virtual interface to go down if it doesn't see traffic that matches the criteria you have set. If you still help, you can re-post with your configs.
02-22-2003 05:37 PM
A real wild guess here, but would your ISP be dropping a DHCP assigned address to you after a fixed period of inactivity? Your router drops the i/f to get a new DHCP address when it senses external activity? Based on your statement that it even happens while you're surfing, I would not have suspected this...
03-07-2003 09:36 AM
Yeah this happens while I'm surfing, I'll be browsing pages and all of a suddent I have no connection. I check the syslog and see that the virtual interface has dropped. I'll give it a few seconds and eventually comes back up (I keep trying to access oages or check email to see if it "wakes up" and brings it back up). here's my running config in case you guys can find anything there...
Thanx
Current configuration : 3739 bytes
!
! Last configuration change at 17:05:21 est Sat Feb 8 2003
! NVRAM config last updated at 01:21:10 est Sat Feb 8 2003
!
version 12.2
no parser cache
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Clandestine
!
enable secret
username Clandestine password
clock timezone est -5
clock summer-time edt recurring
ip subnet-zero
no ip source-route
ip name-server 205.152.144.235
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 10.10.10.2
!
ip dhcp pool CLIENT
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
!
no ip bootp server
ip cef
ip inspect name myfw cuseeme timeout 3600
ip inspect name myfw ftp timeout 3600
ip inspect name myfw http java-list 10 timeout 3600
ip inspect name myfw rcmd timeout 3600
ip inspect name myfw realaudio timeout 3600
ip inspect name myfw smtp timeout 3600
ip inspect name myfw tftp timeout 30
ip inspect name myfw udp timeout 15
ip inspect name myfw tcp timeout 3600
ip inspect name myfw h323 timeout 3600
ip audit notify log
ip audit po max-events 100
vpdn enable
!
vpdn-group 1
request-dialin
protocol pppoe
!
!
!
!
interface Ethernet0
ip address 10.10.10.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip tcp adjust-mss 1452
no cdp enable
hold-queue 32 in
hold-queue 100 out
!
interface Ethernet1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip tcp adjust-mss 1452
pppoe enable
pppoe-client dial-pool-number 1
no cdp enable
!
interface Dialer1
ip address negotiated
ip access-group 111 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
ip nat outside
ip inspect myfw out
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname
ppp chap password
ppp pap sent-username password
ppp ipcp dns request
ppp ipcp wins request
!
ip nat inside source list 102 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
!
!
access-list 10 permit 204.69.199.39
access-list 10 permit 209.191.132.40
access-list 10 deny any log
access-list 102 permit ip 10.10.10.0 0.0.0.255 any
access-list 111 deny ip 127.0.0.0 0.255.255.255 any log-input
access-list 111 deny ip 10.0.0.0 0.255.255.255 any log-input
access-list 111 deny ip 172.16.0.0 0.15.255.255 any log-input
access-list 111 deny ip 192.168.0.0 0.0.255.255 any log-input
access-list 111 deny ip 224.0.0.0 15.255.255.255 any log-input
access-list 111 deny ip 240.0.0.0 7.255.255.255 any log-input
access-list 111 permit icmp any any packet-too-big
access-list 111 permit icmp any any time-exceeded
access-list 111 permit icmp any any echo-reply
access-list 111 permit udp any eq domain any
access-list 111 permit udp any any eq isakmp
access-list 111 permit udp host 128.194.254.9 eq ntp any
access-list 111 permit esp any any
access-list 111 deny icmp any any
access-list 111 deny ip any any
dialer-list 1 protocol ip permit
banner motd ^C
AUTHORIZED USERS ONLY!
^C
privilege exec level 15 connect
privilege exec level 15 telnet
privilege exec level 15 show ip access-lists
privilege exec level 15 show access-lists
privilege exec level 15 show logging
privilege exec level 1 show ip
!
line con 0
exec-timeout 120 0
password
login
stopbits 1
line vty 0 4
exec-timeout 0 1 login local
no exec
length 0
transport input none
!
scheduler max-task-time 5000
ntp clock-period 17179841
ntp server 128.194.254.9
end
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide