Hi everybody,

we installed two weeks ago a 867VAE-K9 as a border router for a medical practice.

It's got two vlan interfaces for inter-vlan routing, only one Gi interface up in trunk mode to the core switch and the ATM for ADSL2+ connection to the local ISP. A cisco wap is on the secon vlan for the patients. There is a voip pbx on a linux machine that registers 5 trunks to an external provider (only one trunk is used right now, and it works fine).

(Almost) everything works fine :-) Sometimes (it can be hours or days) the routing to the internet stops. The meds can still use the LAN accessing everything in it with no lag, and the patients can access the isolated SSID on a Cisco wap on the second vlan. They simply cannot surf the internet.

- DNS and local routing is fine

- the router is reachable through the Gi interface

- they can send and receive traffic to and from the 867 vlans' IPs

- the ATM, dialer 0 and virtual access are up, line protocol up

- the dialer has got the IP address negotiated from the ISP

- default route is negotiated through ipcp

- the controller vdsl 0 is in showtime! state

- from the outside we can ping the PPP peer, but not the IP of dialer 0

The only thing is the queue counter of ATM which shows drops and total output drops. Attenuation is fine, noise margin not so well. The point is that outside traffic to the internet is at low levels and the routing almost always stopped when no one was using the internet (i.e. out of office hours). It already happened 7 times in 16 days. The problem obviously is that voice traffic is impaired by the stuck router, and no med there is able to ssh into the router and re-activate the atm 0 with a shut/no shut (and I would not want/advise it anyway).

It is not necessary to reload. A fast shut/no shut of the atm0 (no wait between the commands) will make it running again.

We're activating the smarnet for this router to update dsl fw and ios image, but I thought I could post here before that. Here are some dumps:

#sh ver

Cisco IOS Software, C860 Software (C860VAE-ADVSECURITYK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2012 by Cisco Systems, Inc.

Compiled Wed 21-Mar-12 00:04 by prod_rel_team

ROM: System Bootstrap, Version 15.1(4r)M2, RELEASE SOFTWARE (fc1)

B2gw uptime is 1 day, 14 hours, 47 minutes

System returned to ROM by reload at 18:05:16 UTC Wed Mar 13 2013

System restarted at 18:06:20 UTC Wed Mar 13 2013

System image file is "flash:c860vae-advsecurityk9-mz.151-4.M4.bin"

Last reload type: Normal Reload

Last reload reason: Reload Command

Cisco 867VAE-K9 (BCM6368) processor (revision 0.3) with 234496K/26624K bytes of memory.

Processor board ID GMK122500S6

1 DSL controller

1 Ethernet interface

4 FastEthernet interfaces

2 Gigabit Ethernet interfaces

1 ATM interface

1 Virtual Private Network (VPN) Module

255K bytes of non-volatile configuration memory.

57344K bytes system flash allocated

Configuration register is 0x2102

#sh controllers vdsL 0

Controller VDSL 0 is UP

Daemon Status:         NA

            XTU-R (DS)        XTU-C (US)

Chip Vendor ID:        'BDCM'             'GSPN'

Chip Vendor Specific:   0x0000             0x0010

Chip Vendor Country:    0xB500             0xFFB5

Modem Vendor ID:    'CSCO'             'GSPN'

Modem Vendor Specific:  0x4602             0x0010

Modem Vendor Country:   0xB500             0xFFB5

Serial Number Near:    GMK122500S6 867VAE-K 15.1(4)M 

Serial Number Far:    

Modem Version Near:    15.1(4)M

Modem Version Far:     0x0010

Modem Status:         TC Sync (Showtime!)

DSL Config Mode:     AUTO

Trained Mode:         G.992.5 (ADSL2+) Annex A

TC Mode:         ATM

Selftest Result:     0x00

DELT configuration:     disabled

DELT state:         not running

Trellis:         ON              ON

Line Attenuation:     19.5 dB          9.6 dB

Signal Attenuation:     19.5 dB          6.5 dB

Noise Margin:          6.4 dB          7.0 dB

Attainable Rate:    17924 kbits/s         1100 kbits/s

Actual Power:         23.1 dBm         10.4 dBm

Total FECS:        650040             638

Total ES:        156             0

Total SES:        57             0

Total LOSS:        0             0

Total UAS:        0             0

Total LPRS:        0             0

Total LOFS:        0             0

Total LOLS:        0             0

Bit swap:        10475             1425

Full inits:        2

Failed full inits:    0

Short inits:        0

Failed short inits:    0

Firmware    Source        File Name (version)

--------    ------        -------------------

VDSL        embedded       N/A (0)

Modem FW  Version:    23i

Modem PHY Version:    A2pv6C032b.d23i

           DS Channel1      DS Channel0    US Channel1      US Channel0

Speed (kbps):              0           15958             0            1020

Previous Speed:              0           15943             0            1020

Total Cells:              0      3031720465             0       193791482

User Cells:              0         9138258             0         2467755

Reed-Solomon EC:          0          650040             0             638

CRC Errors:              0            2770             0               0

Header Errors:              0           43675             0               0

Interleave (ms):       0.00            7.84          0.00            7.21

Actual INP:           0.00            0.61          0.00            0.93

Training Log :    Stopped

Training Log Filename :    flash:vdsllog.bin

#sh int atm 0

ATM0 is up, line protocol is up

  Hardware is BCM6300 ATMSAR, address is 2c54.2d2f.9697 (bia 2c54.2d2f.9697)

  MTU 2038 bytes, sub MTU 2038, BW 1020 Kbit/sec, DLY 360 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation ATM, loopback not set

  Keepalive not supported

  Encapsulation(s): AAL5

  2 maximum active VCs, 1024 VCs per VP, 1 current VCCs

  VC Auto Creation Disabled.

  VC idle disconnect time: 300 seconds

  Last input never, output 00:00:03, output hang never

  Last clearing of "show interface" counters never

  Input queue: 0/75/19/0 (size/max/drops/flushes); Total output drops: 1420

  Queueing strategy: Per VC Queueing

  5 minute input rate 1000 bits/sec, 1 packets/sec

  5 minute output rate 1000 bits/sec, 1 packets/sec

     566670 packets input, 517001370 bytes, 0 no buffer

     Received 0 broadcasts (0 IP multicasts)

     0 runts, 0 giants, 0 throttles

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

     556752 packets output, 122882093 bytes, 0 underruns

     1 output errors, 0 collisions, 3 interface resets

     0 unknown protocol drops

     0 output buffer failures, 0 output buffers swapped out

!

interface ATM0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

no atm ilmi-keepalive

pvc 8/35

  encapsulation aal5mux ppp dialer

  dialer pool-member 1

!

end

!

interface Dialer0

ip address negotiated

ip nat outside

ip virtual-reassembly in

encapsulation ppp

dialer pool 1

dialer-group 1

ppp chap hostname xxxx

ppp chap password 7 xxxx

ppp pap sent-username xxxxx password 7 xxxx

ppp ipcp route default

no cdp enable

end

#sh int dialer 0

Dialer0 is up, line protocol is up (spoofing)

  Hardware is Unknown

  Internet address is w.x.y.z/32

  MTU 1500 bytes, BW 56 Kbit/sec, DLY 20000 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation PPP, LCP Closed, loopback not set

  Keepalive set (10 sec)

  DTR is pulsed for 1 seconds on reset

  Interface is bound to Vi2

  Last input never, output never, output hang never

  Last clearing of "show interface" counters 1d14h

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: weighted fair

  Output queue: 0/1000/64/0 (size/max total/threshold/drops)

     Conversations  0/0/16 (active/max active/max total)

     Reserved Conversations 0/0 (allocated/max allocated)

     Available Bandwidth 42 kilobits/sec

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     538868 packets input, 514526219 bytes

     558156 packets output, 121343922 bytes

Bound to:

Virtual-Access2 is up, line protocol is up

  Hardware is Virtual Access interface

  MTU 1500 bytes, BW 1020 Kbit/sec, DLY 20000 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation PPP, LCP Open

  Open: IPCP

  PPPoATM vaccess, cloned from Dialer0

  Vaccess status 0x44

  Bound to ATM0 VCD: 1, VPI: 8, VCI: 35, loopback not set

  Keepalive set (10 sec)

  DTR is pulsed for 5 seconds on reset

  Interface is bound to Di0 (Encapsulation PPP)

  Last input 00:00:00, output never, output hang never

  Last clearing of "show interface" counters 1d14h

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     566782 packets input, 514918986 bytes, 0 no buffer

     Received 0 broadcasts (0 IP multicasts)

     0 runts, 0 giants, 0 throttles

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

     558289 packets output, 121347906 bytes, 0 underruns

     0 output errors, 0 collisions, 0 interface resets

     0 unknown protocol drops

     0 output buffer failures, 0 output buffers swapped out

     0 carrier transitions

As a brutal workaround till the update/fix, I was thinking about monitoring the reachability of some external systems and use snmp from the lan to shutdown/no shutdown the atm (though I don't even know if that would be possible from snmp on this router).

Thank you for your attention and for any hint you might provide.

doc