08-23-2024 11:26 AM
We are supported by DSL service and have a number of fixed IP addresses on which we run servers. In a couple of cases the servers are rarely accessed and therefore rarely transmit packets to the public network.
In analyzing network traffic (since there is a background level of unsolicited activity) we noticed that the IP address goes silent. There is no more traffic from the outside. Only local traffic inside of the modem is present. The server at this IP address becomes externally unreachable. Traffic destined to other IP addresses through our modem continues unhampered.
We further note that any outgoing packet breaks the silence and restarts the flow of packets (Internet noise). We can again reach the server from the outside. Even a local ARP request by the server is sufficient to restart traffic. Again, the server is completely functional and responsive to others on this subnet.
This seems to occur about an hour after the last packet externally transmitted. It seems that there is a 3600 sec timeout someplace. So the question is whether or not this is a timeout setting?
For residential service with dynamic IP addresses this would perform properly. It is problematic for servers on static IP addresses. It becomes a QoS issue if the server permanently becomes unreachable. I was not aware that this Internet connection would need a Keep Alive.
We are working with the ISP but after a week and some attempts on their part we are trying to help. The gateway MAC address reports Cisco. Anyone have any ideas?
08-24-2024 04:04 AM
You may find this useful: https://www.cisco.com/c/en/us/support/docs/long-reach-ethernet-lre-digital-subscriber-line-xdsl/lre-vdsl-long-reach-ethernet-very-high-data-rate-dsl/119009-technote-vdsl-00.html
(also look at where DSLAM is discussed)
M.
08-24-2024 05:37 AM
I had actually discovered that page in a search. The equipment appears to be up and running properly. This is IP address dependent and that is not addressed. It is our opinion that our incoming route is dropped after a period where no packet is transmitted outbound and this is by IP address. We're guessing a 3,600 second timeout of some kind. The bridge table is not being reset as the outage does not occur simultaneously across IP addresses. But the specific IP address falls from the bridge table. It is removed, likely seen as no longer active/present.
I am trying to problem solve for our ISP who has been very attentive. Unfortunately we don't have access to the upstream equipment and we haven't (yet) questioned them for equipment manufacturers and models. So we are assuming Cisco DSLAM.
I was hoping that someone may be familiar with this. We developed our own network facing device and I have been working on techniques to thwart malicious traffic and so monitor the network so closely that this issue became apparent. It is likely that no residential dynamic IP address client would be inconvenienced. This is a quality of service issue however for fixed IP address low-activity servers/devices.
I have two units on separate IP addresses and both are externally unreachable this morning. Over VPN into the facility and by routing through the VPN I can connect to both devices and see that neither has received traffic from outside for hours. Not one bogus probing SYN packet. The network obviously is working for our servers that hardly sit quiet for 5 seconds and never time out.
There must be a setting.
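To put a number on the suspected timer from a capture taken on the server side of the modem, the following sketch is an added example and not code from any poster in this thread. It finds, per local IP address, each episode where inbound traffic stopped and only resumed after the host transmitted, and reports how long after the last outbound frame the inbound flow died. The record format, the `quiet_gap` threshold and the 203.0.113.x addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

def find_silences(records, quiet_gap=600):
    """records: iterable of (epoch_seconds, local_ip, direction).
    direction is "out" for any frame the host sent (ARP included) and
    "in" for traffic arriving from outside. quiet_gap (assumed value) is
    the inbound gap, in seconds, treated as silence rather than a lull."""
    by_ip = defaultdict(list)
    for ts, ip, direction in records:
        by_ip[ip].append((ts, direction))

    episodes = []
    for ip, events in sorted(by_ip.items()):
        last_out = last_in = None
        for ts, direction in sorted(events):
            if direction == "in":
                last_in = ts
                continue
            # Outbound frame: did it end a period of inbound silence?
            if (last_out is not None and last_in is not None
                    and last_in >= last_out and ts - last_in >= quiet_gap):
                episodes.append({
                    "ip": ip,
                    "last_out": last_out,                 # final send before silence
                    "last_in": last_in,                   # final inbound packet seen
                    "aged_out_after": last_in - last_out, # estimate of upstream timer
                    "silent_for": ts - last_in,           # how long host was unreachable
                    "revived_at": ts,
                })
            last_out = ts
    return episodes

def build_sample():
    """Constructed capture: one quiet host and one busy host."""
    quiet, busy = "203.0.113.10", "203.0.113.11"
    rec = [(0, quiet, "out")]
    rec += [(t, quiet, "in") for t in range(300, 3601, 300)]  # noise stops at 3600
    rec += [(9000, quiet, "out")]                             # e.g. an ARP request
    rec += [(t, quiet, "in") for t in (9005, 9300)]           # noise resumes
    rec += [(t, busy, "out") for t in range(0, 9301, 600)]
    rec += [(t, busy, "in") for t in range(150, 9301, 300)]
    return rec

if __name__ == "__main__":
    for ep in find_silences(build_sample()):
        print(ep)
```

If `aged_out_after` clusters around the same value across episodes and across addresses, that figure is what to hand the ISP as the likely aging interval on the upstream device.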