cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1217
Views
0
Helpful
10
Replies
Highlighted

Cisco 4321 issues getting internet or DNS on laptop.

Having issues getting my Cisco 4321 to get internet and can't ping 8.8.8.8. I can ping the ISP ip address though which is odd, then on my laptop i get no default gateway at

Building configuration...

Current configuration : 3046 bytes
!
! Last configuration change at 23:52:43 UTC Sun Sep 30 2018
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
!
no aaa new-model
!
ip name-server 8.8.8.8
!
ip dhcp pool Planet
network 192.168.1.0 255.255.255.0
!
subscriber templating
!
multilink bundle-name authenticated
!
domain lookup
!
redundancy
mode none

interface GigabitEthernet0/0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
negotiation auto
!
interface GigabitEthernet0/0/1
ip address dhcp
ip nat outside
negotiation auto
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
negotiation auto
!
router rip
version 2
network 192.168.1.0
no auto-summary
!
ip default-gateway 192.168.1.1
ip nat inside source list 50 interface GigabitEthernet0/0/0 overload
ip forward-protocol nd
ip http server
ip http secure-server
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0 dhcp
!
!
access-list 50 permit 192.168.1.0 0.0.0.255
!
!
!
control-plane
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
!
end

all or internet access. below is

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Sorry, also remove the ip defaul-gateway command, and add"ip routing" at the global configuration level, should be default.

View solution in original post

10 REPLIES 10
Highlighted
Rising star

Hi,

quick glance at your config, need to correct couple of things..

1. Your GigabitEthernet0/0/0 and gateway address set to same ip (192.168.1.1). Change internal IP, if gateway is correct.

2. You DHCP config missing default-gateway and additional information like lease, DNS address.

Correct those first and check online for DHCP config on Cisco routers, you will find ton of configuration examples. If you still run into issue, post the config.

hth

MS

Highlighted
Participant

Looks like you have a lot of configuration issues....

 

-remove the two static routes, and add just one "ip route 0.0.0.0 0.0.0.0 dhcp".  routing to an interface is a bad practice, since you end up ARPing for every remote connection. Eventually you fill your ARP cache is doing this in production

 

- remove your NAT statement and update to NAT to the outside interface IP, "ip nat inside source list 50 interface GigabitEthernet0/0/1 overload".  Your current statement is NATing inside to inside.

 

- Add a gateway (default router) to your DHCP pool, so hosts pulling DHCP have a gateway to get out of that subnet, 192.168.1.1.

 

- Add DNS servers to your DHCP pool, so hosts pulling DHCP will have DNS name resolution 

 

sorry for any typos, doing this on a cell phone 

Highlighted

Sorry, also remove the ip defaul-gateway command, and add"ip routing" at the global configuration level, should be default.

View solution in original post

Highlighted

Did those configurations changes/fixes (NAT, routing, and DHCP) fix your internet access issues? 

 

-- Pete

Highlighted

Yes, sorry I had trouble signing back into my cisco account or I reply sooner. I can accept solution by email but not sign in to reply. Im training to get ccna license, so im at begin stage. 

 

I did notice my upstream bandwidth was at 9mb and should be at 75mb. Any ideas?

Highlighted

Hello,

9MB is extremely low. Post the output of:

show interfaces GigabitEthernet0/0/1
Highlighted

Is it 9MBps or 9Mbps, notice big B vs little b?  If you are looking at throughput from a PC / computer perspective, data rate is typically in MBps (megabytes vs megabits).  9MBps (megabytes per second/computer throughput) equals 63Mbps (megabits per second/network interface rate). This is due to there being eight bits per byte. This would be pretty close to your expected data rate.

Highlighted

below is the output, seems i'm getting a lot of drops and bandwidth is all over the place. 

 

GigabitEthernet0/0/1 is up, line protocol is up
Hardware is ISR4321-2x1GE, address is xxxxxx
Internet address is 47.xxx.xx.XXX/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 2/255, rxload 4/255
Encapsulation ARPA, loopback not set
Keepalive not supported
Full Duplex, 100Mbps, link type is auto, media type is RJ45
output flow-control is on, input flow-control is on
ARP type: ARPA, ARP Timeout 04:00:00
Last input 02:22:21, output 00:00:51, output hang never
Last clearing of "show interface" counters never
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 3330
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 1755000 bits/sec, 227 packets/sec
5 minute output rate 1112000 bits/sec, 195 packets/sec
1141867 packets input, 996816574 bytes, 0 no buffer
Received 157 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 281 multicast, 0 pause input
1080040 packets output, 778554923 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
7 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
2 lost carrier, 0 no carrier, 0 pause output
0 output buffer failures, 0 output buffers swapped out

Highlighted

I believe you are seeing output drops due to buffer exhaustion, AKA tail drops.  This is common, when you have more bandwidth into a router or switch than out of it.  I believe this is the case, whereas the port facing you (users) is negotiating gigabit Ethernet (1000Mbps), but the port leaving the router is negotiating a speed of FastEthernet (100Mbps).  When you do something like speed test websites, you computer will be sending as much data as it can, as fast as it can.  This can result in the routers input interface (Gi0/0/0 in your case) receiving more than 100Mbps if it is negotiated at 1000Mbps.  The output interface (Gi0/0/1) leading to the internet is only negotiated at 100Mbps, thus will end up dropping some of this data on output.  If this is in your lab and not production you can see if my theory is right is simply set the port facing you/users to 100Mbps.  Next, clear your counters and run a few speed test.  Now that both the input side and output side of the router are both 100Mbps, the output drops should stop.

 

The other possibility is licensing.  The default licensing for a Cisco 4321 router is 50Mbps.  A performance license can be applied, not a default included option, which will bring the throughput capability up to 100Mbps.  See table 4 on the following link for more information regarding throughput on Cisco ISR4000 routers: https://www.cisco.com/c/en_in/products/collateral/routers/4000-series-integrated-services-routers-isr/datasheet-c78-732542.html .  Cisco got much smarter on the ISR4000 routers than they had been on previous ISR generations.  THe previous generations always had inconsistent performance, depending on what features you enable, i.e. NAT, PfR, stateful firewalling or ZBAC.  When Cisco built this generation they allocated a multicore CPU architecture, in which cores and bus were licensed and protected, to ensure the advertised rate was always available.  So, with a ISR4321, you'll always get 50+ Mbps on base license, regardless of what features you enable.  Add the PERF license and you will always get 100Mbps.  The only other license that could ever be needed that can impact throughput is the HSEC, since encryption is rate limited and only available for unlocked rate within certain countries based on US and several other allies laws.  This licensing would only impact encrypted VPN traffic, where the encryption and decryption (tunneling) of the traffic was being performed by the router itself..

Highlighted
VIP Mentor

Hello

Could you change your configuration to the below then test again:

conf t
no ip default-gateway 192.168.1.1
no ip nat inside source list 50 interface GigabitEthernet0/0/0 overload
no ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0
no ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0 dhcp
no ip name-server 8.8.8.8
no router rip

ip dhcp pool Planet
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
import all
lease 0 12

ip route 0.0.0.0 0.0.0.0 dhcp
ip nat inside source list 50 interface GigabitEthernet0/0/1 overload




kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future