Re: C-921 intermittent internet cut off

dhaferbk · ‎04-02-2024

I have an intermittent internet cut off. The router becomes inaccessible by ssh. No ping also from internet and from inside.

Here is my running config:

Current configuration : 1878 bytes
!
! Last configuration change at 17:23:04 UTC Tue Apr 2 2024 by admin
!
version 15.8
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R-0001
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$NsYq$38ERNeme81IFyY72QT/T6.
!
no aaa new-model
memory-size iomem 25
!
!
!
!
!
!
!
!
ip dhcp excluded-address 192.168.0.1 192.168.2.255
ip dhcp excluded-address 192.168.5.0 192.168.255.255
!
ip dhcp pool mainPool
import all
network 192.168.0.0 255.255.0.0
default-router 192.168.2.1
dns-server 192.168.2.1
!
!
!
ip domain name pathogenia.com
ip name-server 198.154.101.1
ip name-server 198.231.100.1
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
!
license udi pid C921-4P sn PSZ27421DXZ
!
!
username admin secret 5 $1$gIuU$wW06Vw/5SYLYZVTmsdA5L/
!
redundancy
!
!
!
!
!
!
interface GigabitEthernet0
no ip address
!
interface GigabitEthernet1
no ip address
!
interface GigabitEthernet2
no ip address
!
interface GigabitEthernet3
no ip address
!
interface GigabitEthernet4
ip address 55.71.7.250 255.255.255.248
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet5
no ip address
shutdown
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.2.1 255.255.0.0
ip nat inside
ip virtual-reassembly in
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip dns server
ip nat inside source list 1 interface GigabitEthernet4 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet4 55.71.7.249
!
!
!
access-list 1 permit 192.168.0.0 0.0.255.255
access-list 101 permit udp any any eq domain
access-list 101 permit udp any eq domain any
!
control-plane
!
!
line con 0
password 7 07212E5841071C3A424359
login
line vty 0 4
password 7 14391D1F030A2F14717961
login local
transport input ssh
!
scheduler allocate 20000 1000
!
end

liviu.gheorghe · ‎04-02-2024

Hello @dhaferbk ,

can you also provide the output of the show logging command?

Regards, LG
*** Please Rate All Helpful Responses ***

dhaferbk · ‎04-02-2024

Syslog logging: enabled (0 messages dropped, 2 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)

No Active Message Discriminator.

No Inactive Message Discriminator.

Console logging: level debugging, 58 messages logged, xml disabled,
filtering disabled
Monitor logging: level debugging, 0 messages logged, xml disabled,
filtering disabled
Buffer logging: level debugging, 58 messages logged, xml disabled,
filtering disabled
Exception Logging: size (8192 bytes)
Count and timestamp logging messages: disabled
Persistent logging: disabled

No active filter modules.

Trap logging: level informational, 56 message lines logged
Logging Source-Interface: VRF Name:

Log Buffer (8192 bytes):

*Jan 2 00:00:00.309: %IOS_LICENSE_IMAGE_APPLICATION-6-LICENSE_LEVEL: Module name = c900 Next reboot level = ipbasek9 and License = ipbasek9
*Apr 2 12:16:26.653: esw_mrvl_hw_init 4263 gsysSetRsvd2CpuEnables enBits=0x4009

*Apr 2 12:16:29.861: FBSD_HCD :VERBOSE :5020 xHCI version = 0x0100
*Apr 2 12:16:29.863: FBSD_HCD :VERBOSE :5023 32 bytes context size, 64-bit DMA
*Apr 2 12:16:29.863: FBSD_HCD :VERBOSE :5024 Total no. of ports : 8
*Apr 2 12:16:29.863: FBSD_HCD :VERBOSE :5026 Total no. of ports : 8, Max slots : 32
*Apr 2 12:16:29.863: BIOS/Rommon Already performed USB Handoff
*Apr 2 12:16:29.893: %LINK-3-UPDOWN: Interface GigabitEthernet4, changed state to down
*Apr 2 12:16:29.893: %LINK-3-UPDOWN: Interface GigabitEthernet5, changed state to down
*Apr 2 12:16:31.547: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet4, changed state to down
*Apr 2 12:16:31.547: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet5, changed state to down
*Apr 2 12:16:32.541: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down
*Apr 2 12:16:33.235: %SYS-6-PRIVCFG_DECRYPT_SUCCESS: Successfully apply the private config file
*Apr 2 12:16:33.279: %SYS-5-CONFIG_I: Configured from memory by console
*Apr 2 12:16:33.555: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C900 Software (C900-UNIVERSALK9-M), Version 15.8(3)M6, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2021 by Cisco Systems, Inc.
Compiled Fri 19-Feb-21 06:57 by prod_rel_team
*Apr 2 12:16:33.765: %SSH-5-ENABLED: SSH 1.99 has been enabled
*Apr 2 12:16:33.765: %LINK-3-UPDOWN: Interface GigabitEthernet4, changed state to up
*Apr 2 12:16:33.971: %SYS-6-BOOTTIME: Time taken to reboot after reload = 120 seconds
*Apr 2 12:16:34.375: %LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, changed state to up
*Apr 2 12:16:34.765: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet4, changed state to up
*Apr 2 12:16:35.271: %LINK-5-CHANGED: Interface GigabitEthernet5, changed state to administratively down
*Apr 2 12:16:36.279: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to down
*Apr 2 12:16:36.323: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1, changed state to down
*Apr 2 12:16:36.367: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet2, changed state to down
*Apr 2 12:16:36.411: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet3, changed state to down
*Apr 2 12:16:38.911: %PNP-6-PNP_DISCOVERY_STOPPED: PnP Discovery stopped (Startup Config Present)
*Apr 2 12:16:50.833: %SSH-5-DISABLED: SSH 1.99 has been disabled
*Apr 2 12:16:50.837: %SSH-5-ENABLED: SSH 1.99 has been enabled
*Apr 2 12:18:28.903: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state to up
*Apr 2 12:18:29.903: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Apr 2 12:18:58.029: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
*Apr 2 12:22:49.969: %SYS-5-CONFIG_I: Configured from console by console
*Apr 2 12:23:01.945: %SYS-6-PRIVCFG_ENCRYPT_SUCCESS: Successfully encrypted private config file
*Apr 2 14:29:40.585: %DNSSERVER-3-BADQUERY: Bad DNS query from 192.168.2.110
*Apr 2 14:29:40.705: %DNSSERVER-3-BADQUERY: Bad DNS query from 192.168.2.110
*Apr 2 14:29:40.831: %DNSSERVER-3-BADQUERY: Bad DNS query from 192.168.2.110
*Apr 2 14:29:43.033: %DNSSERVER-3-BADQUERY: Bad DNS query from 192.168.2.110
*Apr 2 14:29:44.097: %DNSSERVER-3-BADQUERY: Bad DNS query from 192.168.2.110
*Apr 2 14:29:45.689: %DNSSERVER-3-BADQUERY: Bad DNS query from 192.168.2.110
*Apr 2 14:29:46.767: %DNSSERVER-3-BADQUERY: Bad DNS query from 192.168.2.110
*Apr 2 14:29:48.369: %DNSSERVER-3-BADQUERY: Bad DNS query from 192.168.2.110
*Apr 2 14:29:49.423: %DNSSERVER-3-BADQUERY: Bad DNS query from 192.168.2.110
*Apr 2 14:29:51.029: %DNSSERVER-3-BADQUERY: Bad DNS query from 192.168.2.110
*Apr 2 14:29:52.093: %DNSSERVER-3-BADQUERY: Bad DNS query from 192.168.2.110
*Apr 2 14:29:53.687: %DNSSERVER-3-BADQUERY: Bad DNS query from 192.168.2.110
*Apr 2 14:29:54.749: %DNSSERVER-3-BADQUERY: Bad DNS query from 192.168.2.110
*Apr 2 14:39:09.277: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 146.190.174.211
*Apr 2 16:21:10.350: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 198.235.24.145
*Apr 2 17:22:57.486: %DHCPD-4-PING_CONFLICT: DHCP address conflict: server pinged 192.168.3.18.
*Apr 2 17:23:03.156: %DHCPD-4-PING_CONFLICT: DHCP address conflict: server pinged 192.168.3.22.
*Apr 2 17:23:04.512: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.168.2.113)
*Apr 2 17:23:10.240: %DHCPD-4-PING_CONFLICT: DHCP address conflict: server pinged 192.168.3.26.
*Apr 2 17:23:10.322: %DHCPD-4-PING_CONFLICT: DHCP address conflict: server pinged 192.168.3.28.
*Apr 2 17:23:10.324: %DHCPD-4-PING_CONFLICT: DHCP address conflict: server pinged 192.168.3.29.
*Apr 2 17:23:19.910: %SYS-6-PRIVCFG_ENCRYPT_SUCCESS: Successfully encrypted private config file
*Apr 2 17:26:26.220: %SYS-6-PRIVCFG_ENCRYPT_SUCCESS: Successfully encrypted private config file
*Apr 2 18:03:23.896: %DHCPD-4-PING_CONFLICT: DHCP address conflict: server pinged 192.168.3.49.
*Apr 2 19:07:24.946: %DHCPD-4-DECLINE_CONFLICT: DHCP address conflict: client 0152.de8a.667c.8e declined 192.168.3.53.

liviu.gheorghe · ‎04-02-2024

I don't see something alarming in the logs you provided.

You say "The router becomes inaccessible by ssh. No ping also from internet and from inside." - when the router becomes accessible again, what is the uptime of the router?

sho ver | in Uptime

Regards, LG
*** Please Rate All Helpful Responses ***

MHM Cisco World · ‎04-02-2024

You get staitc IP from ISP ?

MHM

dhaferbk · ‎04-02-2024

Yes, iti a static address frim an ISP.

MHM Cisco World · ‎04-02-2024

Add

Ip name server 8.8.8.8 8.8.4.4

And

Ip dns server

Ip domain lookup

Then check

MHM

dhaferbk · ‎04-02-2024

I have already my DNSs from my ISP provider. The main issue is that the router stop working after some hours of work - even pings stop in this case.

MHM Cisco World · ‎04-02-2024

You have already DNS from your ISP but

ip dhcp pool mainPool
import all
network 192.168.0.0 255.255.0.0
default-router 192.168.2.1
dns-server 192.168.2.1

You use router IP as DNS server and this need two command I share above

Ip dns server

Ip domain lookup

Also you need to enlarge little your dns queue

ip dns server queue limit forwarder queue-size-limit

Why the router stop ping and ssh?

Because it busy send and resend DNS requests

MHM

Georg Pauwen · ‎04-02-2024

Hello,

try this basic configuration:

Current configuration : 1878 bytes
!
! Last configuration change at 17:23:04 UTC Tue Apr 2 2024 by admin
!
version 15.8
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R-0001
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$NsYq$38ERNeme81IFyY72QT/T6.
!
no aaa new-model
memory-size iomem 25
!
ip dhcp pool mainPool
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 8.8.8.8
!
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
license udi pid C921-4P sn PSZ27421DXZ
!
username admin secret 5 $1$gIuU$wW06Vw/5SYLYZVTmsdA5L/
!
redundancy
!
interface GigabitEthernet0
no ip address
!
interface GigabitEthernet1
no ip address
!
interface GigabitEthernet2
no ip address
!
interface GigabitEthernet3
no ip address
!
interface GigabitEthernet4
ip address 55.71.7.250 255.255.255.248
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet5
no ip address
shutdown
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip dns server
ip nat inside source list 1 interface GigabitEthernet4 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet4
!
access-list 1 permit 192.168.2.0 0.0.0.255
!
control-plane
!
line con 0
password 7 07212E5841071C3A424359
login
line vty 0 4
password 7 14391D1F030A2F14717961
login local
transport input ssh
!
scheduler allocate 20000 1000
!
end

dhaferbk · ‎04-02-2024

I was suspecting the buffer size. For this reason I putted : memory-size iomem 25

I am waiting for the issue to come back again.