Router locking up? help...

Discussion in 'Network Routers' started by avidfan, Oct 24, 2004.

  1. avidfan

    avidfan Guest

    I have 5 sun ultra 10's running solaris 8 and 9, one intel running
    slackware 10 and one intel running windows 2000 all going into an 8
    port linksys hub and then into a 11s4 v.2 (802.11b) wireless linksys
    router (along with a windows 98 box on the way). I am running an
    apache webserver. swbell dsl. Here is my problem:

    within my LAN, I never have any problems. From the outside, My ssh
    sessions will just lock up on me at random times. I won't be able to
    ssh into any of my boxes for about 10 minutes and then I can again.
    My http traffic is doing the same thing. My website will just lock up
    for about 10 minutes. If I am in the LAN, I can still access
    everything even while it is locked externally.

    I googled this problem and did the following:

    I upgraded the firmware on my router.

    I set the router MTU to 1492 along with all of the servers (the
    windows boxes are set to auto).

    I have played with various other MTU settings to no avail...

    Does anyone have any suggestions as to where I should be concentrating
    my efforts? I am assuming this to be a router config problem, but I'm
    out of ideas.

    Any help would be appreciated.

    Thanks!

    AvidFan
     
    avidfan, Oct 24, 2004
    #1
    1. Advertisements

  2. avidfan

    avidfan Guest

    I changed routers to the linksys befsr41 and even after firmware
    upgrades on it also, I have the same problem... Any suggestions?

    Thanks,
     
    avidfan, Oct 24, 2004
    #2
    1. Advertisements

  3. Use 1.45.7 firmware... most stable

    KK

     
    Kaptain Krunch, Oct 24, 2004
    #3
  4. avidfan

    Moe Trin Guest

    Does this mean you can initiate a new connection from one of the LAN
    hosts to something out in the world? Or are you only able to connect
    within your LAN, and there is a problem externally in either/both
    directions> In that case, what are the error messages? While the link
    is wedged, what do traceroutes show from both directions? You may have
    to alter your firewall rules to permit these tests - and they could have
    something to do with your problem.
    Generally, MTU only effects "full sized" packets, and doesn't effect
    small packets, like DNS queries, or FTP sessions where the data transfer
    is limited (such as changing directories). There should be nothing
    that knows about time (i.e. ten minutes). Set your MTU to a sane
    value, and leave it alone. Make sure you are not blocking ICMP type 3
    code 4. TEMPORARILY allow ICMP echo in both directions, and use 'ping'
    with varying sized packets up to 1500 octets while monitoring the
    wires using tcpdump. Note that ping is blocked/dropped by many systems
    now due to abuse of that protocol, so you may need a cooperative
    external site to ping to/from. The point of the ping test is to see
    if there is a MSS limitation - look to see when the packets start
    getting fragmented.
    A frequent problem is people configuring their firewalls to block all
    ICMP packets. Study http://www.iana.org/assignments/icmp-parameters
    and understand the purpose of each message. For troubleshooting at this
    time, make sure ICMP Types 0, 3, 8 and 11 are open in both directions.
    Later, you can kill type 8 inbound of you wish. If you are truly
    paranoid, you could also block 0, 3, and 11 outbound - but in that
    case you will likely break things, and would probably be better served
    by returning your computers to the dealer and getting your money back.

    Old guy
     
    Moe Trin, Oct 25, 2004
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.