[afnog] Cisco 1605-R Router problem !

[Alamicha Chapuma]

----- Original Message -----
From: "Brian Candler" <B.Candler at pobox.com>
To: "Alamicha Chapuma" <achapuma at eomw.net>
Cc: <afnog at afnog.org>
Sent: Thursday, October 21, 2004 3:26 PM
Subject: Re: [afnog] Cisco 1605-R Router problem !


| On Thu, Oct 21, 2004 at 03:23:29PM +0200, Alamicha Chapuma wrote:
| > We have a cisco 1605-R router as the gateway to our wireless WAN,
connecting
| > several remote networks to our WAN and the Internet.  The problem we are
| > having is that traffic to hosts on the default wireless network (using
ip
| > numbers in the 172.16.1.x  range) just stops at times.  The remedy to
this
| > is we have to clear the arp-cache on the 1605 router.  What could be
causing
| > this and how can we get rid of this problem or automate the clearing of
the
| > arp-cache so that there is no manual intervention required.
| >
| > Please assist !
|
| Can you describe your set up a bit further? As far as I can see, a 1605-R
| has two ethernet ports and a WAN port. Are you using all three ports?

We are using the 2 ethernet ports only !

| What is connected to each one? What sort of wireless access point(s) are
you
| using? How many clients do you have on the wireless LAN simultaneously?

On one ethernet port is our Network Hub with servers and Internet Gateway.
The other ethernet port is connecting to a wireless SU which links to the
wireless network.  We are talking of a wireless WAN not LAN with 5 wireless
sites.  The are 3 access points - 2 Breezecom and 1 generic one.  The 1605
is like a wireless gateway router.

|
| Do all your clients simultaneously lose access to the network, or just
some?

The sites which loose connectivity are the Breezcom ones.  They are on a
172.16.1.x   network while the others are on a 172.30.x.x network.  The none
Breezecom sites are not being affected by this problem. Note that the 1605
has an ip of 172.16.1.1   on  its wireless side.
|
| How often does this occur? Is it only a certain times of day?

This occurs several times a day (say 5 or more)

|
| There are lots of problems which it might be. Off the top of my head, I'd
| say the most likely ones are:
|
| (1) One of your wireless clients has configured themselves with the same
IP
| address as the Cisco router, and so traffic starts to hit them instead of
| the Cisco.
|
| (2) Some problem with the access point running out of memory for its
| bridging table (or if you have a low-cost switch sitting between the AP
and
| the Cisco). Having said that, it should revert to broadcasting packets
whose
| MAC address it does not know, so I think that's not very likely.
|
| (3) A software bug in either the router or the AP. Hard to prove without
| sticking a Unix box on the ethernet segment running tcpdump, and another
on
| the wireless segment, and seeing where the packets are stopping.
|
| To avoid having to keep kicking the Cisco, you could try reducing the ARP
| timeout. e.g. to reduce it to 5 mins (from the default of 4 hours) try:
|
|    int e0
|      arp timeout 300

We tried setting the timeout to 5 mins as suggested here but that didn't
change anything.

Some one has suggested ip route-cache on the problem interface.  We will be
looking into this.

|
| If that doesn't work, you could write a script using 'expect' to telnet
into
| the router and do a clear arp-cache, and run it periodically from cron.
But
| that's not a good solution; it would be much better to try and uncover
what
| the underlying problem is.
|
| HTH,
|
| Brian.