05-25-2007 11:55 AM - edited 03-03-2019 05:09 PM
Hi,
We have a bunch of Cisco 871 routers and after upgrading to the latest IOS (c870-advipservicesk9-mz.124-11.T2.bin); do to some of the problems with previous IOS versions (appfw consumming 100% CPU); we are experiencing a problem with 1 of the routers, where certain websites, including this one (forum.cisco.com)/www.msn.com/www.microsoft.com won't load and just time out.
I went through the config and removed all IP inspect rules and turned of appfw to see if this would solve it, but without any success.
I ran a packet scanner on the network to see what could be causing the block, and analyzing the output it seems that the sites in question are sending malformed packets via this router. Well at least it seems that the router is corrupting the packets. What is weird however is that it only does this for certain sites and not all.
Has anyone ever experienced this? Or any suggestions on how to go about solving this problem?
Please let me know
Thanks
S.
05-26-2007 10:56 AM
Hi,
Yes , we have the same problem with a 871 running : c870-advipservicesk9-mz.124-11.T2.bin.
We will try to downgrade :)
BR,
Bjornarsb
05-30-2007 11:55 AM
Hi,
I am not sure if you are also running OSPF or any special routing protocols. But we discovered the problem seemed to have something to do with our OSPF cost settings.
it is kind of strange that some sites would try to route one way vs some sites where routed correctly.
Maybe there is a bug in the firmware, where it inspects the data that was sent from the "web servers" and try's to route with that information.
Anyways, this solved this issue. We have however discovered other problems (no qos tagging on vlans with this firmware) with this firmware and probably will be forced to downgrade as well.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide