Solved

duplex mismatch

Posted on 2008-10-09
43
1,481 Views
Last Modified: 2012-05-05
I put in a new AVPN circuit last Saturday between Illinois and Mexico.  I am using the same routers that I was using with my frame relay between Illinois and Mexico.  The circuit is very slow.  I am getting the error below from my router
.1.3.6.1.4.1.9.9.41.1.2.3.1.2.17106: CDP, .1.3.6.1.4.1.9.9.41.1.2.3.1.3.17106: 5, .1.3.6.1.4.1.9.9.41.1.2.3.1.4.17106: DUPLEX_MISMATCH, .1.3.6.1.4.1.9.9.41.1.2.3.1.5.17106: duplex mismatch discovered

I made sure the switch and the router are both hardcoded to 100 full duplex on both sides.  But I am still getting the error.  Can this be part of the speed problem?

If it is, what can I do?
0
Comment
Question by:jtennyson
  • 18
  • 16
  • 4
  • +1
43 Comments
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
One side may not support full deplex.  Try reducing to half duplex 10M.  Then bump up to full duplex 10M.  If that works, try 100 Full again.  If that doesn't work, then it is not supporting the 100 Full.
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
Hmmm...actually, after submitting that, I thought about the statement that one side may not support full duplex.  Since you were able to set it, the device probably does, but like you may surmise, your connection speed may not support full duplex and 100M.  The solution I suggested still stands, though. :)
0
 

Author Comment

by:jtennyson
Comment Utility
I did what you told me and now I am getting this message from the router in Illinois and the speed is still very slow

1.3.6.1.4.1.9.2.9.3.1.1.6.1: 5, tcpConnState: synReceived, .1.3.6.1.4.1.9.2.6.1.1.5.192.168.1.150.23.192.168.3.47.6211: 72032, .1.3.6.1.4.1.9.2.6.1.1.1.192.168.1.150.23.192.168.3.47.6211: 111, .1.3.
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
So you have a switch connected to your router (Chicago) to a rounter (Mexico) to a switch?  If this is the case, is your ping between the two routers good?  Is the ping between your switch and router on the Chicago side good?  Where exactly are you seeing the "slow" network connection?
0
 

Author Comment

by:jtennyson
Comment Utility
When I am inside the router, the ping between to the wan interface of the router in Mexico is good.  Whe I ping a device on the Mexico LAN the ping is extremely slow.  When I took the switch out of autonegotiation yesterday and made both sides half duplex, the circuit wen down.
0
 

Author Comment

by:jtennyson
Comment Utility
Here are my results

RGRay_BG#ping WAN

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to WAN, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 128/133/137 ms
RGRay_BG#ping LAN

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to LAN, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 296/391/453 ms
0
 

Author Comment

by:jtennyson
Comment Utility
Another thing I have discovered.  When I am in the CLI of the Illinois router I can do a ping and a traceroute to the devices on the Mexican LAN.  When I am in the Mexican router I can do a traceroute and a ping to the interfaces on the Illinois router.  But I can not reach any devices on the Illinois LAN.  I went in to the router from Illinois and I did a rdp to a pc on the Mexican side to telnet in.  I can ping and traceroute through DOS
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
Hey jtennyson,

I haven't forgotten about you.  I have your system drawn out and figuring out what is working and not working for you to try and get an idea.  I think one thing this isn't occurring is DNS resolution from your Mexico LAN to your Chicago LAN, which is most likely due to an ip route issue for your name server on your Mexico router.
0
 

Author Comment

by:jtennyson
Comment Utility
I can not ping an address from the Mexico Router.  Also, after our contractor reconfigured the routers I seem to have two serial interfaces in Mexico and only one in Illinois.  See attached.  I never had that before.  
jrzint.TXT
BGint.TXT
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
What is your config for both routers?  I'm wondering if there is a timeslots issue.  Is this a T1 connection?
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
Also, your Tunnel0 may not be configured properly since it is only reporting 9kbit bandwidth.  I am assuming that should be going through your serial connections, which has 1984kbit bandwidth.
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
What happens if you go in and increase your bandwidth setting for your interface Tunnel0?  I haven't messed with those settings, so not familiar with configuring that side of a router.  Do you have someone at the Mexico site who can reset the router if the setting gets flubbed up?  I do know going into my 2811 I can set up bandwidth setting for the Tunnel0 interface (should I want one).
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
Hmmm...nevermind on that bandwidth setting.  I did a look up on the setting and discovered:

The bandwidth is occasionally misinterpreted as a command to modify the bandwidth rate of an interface. You cannot adjust the actual bandwidth of an interface with this command.
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
Looks like your encapsulations are different; I'm not verse enough on that side to know whether that is an issue or not, but you can look.  Also, your Mexico router shows the serial0/0:0.101 as being up but your Chicago one as deleted.
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
Here is a copy of my config file minus user ID and password:

version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Boone-Fleck
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
!
no aaa new-model
!
resource policy
!
clock timezone Pacific -8
clock summer-time Pacific date Apr 6 2003 2:00 Oct 26 2003 2:00
no network-clock-participate wic 0
ip subnet-zero
no ip source-route
ip tcp synwait-time 10
!
!
ip cef
!
!
no ip bootp server
ip name-server 172.17.0.40
!
!
controller T1 0/0/0
 framing esf
 clock source internal
 linecode b8zs
 cablelength short 133
 channel-group 0 timeslots 1-24
bridge irb
!
!
interface FastEthernet0/0
 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0/0$$ES_LAN$$FW_INSIDE$
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 duplex full
 speed 100
 no mop enabled
 bridge-group 1
!
interface FastEthernet0/1
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 shutdown
 duplex auto
 speed auto
 no mop enabled
!
interface Serial0/0/0:0
 description T1 to Fleck
 no ip address
 bridge-group 1
!
interface BVI1
 ip address 172.17.96.10 255.255.240.0
 ip helper-address 172.17.0.52
!
ip default-gateway 172.17.96.1
ip classless
ip route 0.0.0.0 0.0.0.0 172.17.96.1
!
ip http server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
logging trap debugging
no cdp run
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner login Authorized access only!
 Disconnect IMMEDIATELY if you are not an authorized user!
!
!
scheduler allocate 20000 1000
ntp clock-period 17180038
ntp update-calendar
ntp server 172.17.0.41
!
end
0
 

Author Comment

by:jtennyson
Comment Utility
I'm still looking for a solution to this problem.
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
jtennyson:

I submitted a request for attention on this.  Hopefully we can get some folks like Donjohnston or that1guy15, whom I've "worked" with before on router issues, to come over and take a look at this.
0
 
LVL 50

Expert Comment

by:Don Johnston
Comment Utility
Hi guys.

Just to make sure I understand the situation:

You have a switch in Illinois (Switch-IL) which is connected to a router (Router-IL) with a fastethernet link. Router-IL is connected to another router in Mexico (Router-MX) with a T1 line. Router-MX is connected to a switch in Mexico (Switch-MX) with a fastethernet link.

Switch-IL--------------Router-IL-------------------------Router-MX------------Switch-MX
                   ^                                ^                                 ^
            fastethernet                      T-1                         fastethernet

And you're bridging the Illinois LAN to the Mexico LAN.

When you refer to pinging the LAN and WAN interfaces, from where are you performing the pings and what is the destination of the pings?

0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
Hey!  Thanks for coming over, Donjohnston.  I didn't want jtennyson to go too much longer without a resolution.
0
 

Author Comment

by:jtennyson
Comment Utility
When I am inside the Illinois router CLI, I can ping the router interfaces and anything on the LAN in Mexico.  When I am inside the Mexico router I can ping the Illinois router interfaces but nothing on the Illinois LAN.  When I do a RDP into a computer in Mexico and ping from DOS  I can reach devices on the Illinois LAN but it is very slow.
0
NetScaler Deployment Guides and Resources

Citrix NetScaler is certified to support many of the most commonly deployed enterprise applications. Deployment guides provide in-depth recommendations on configuring NetScaler to meet specific application requirements.

 
LVL 50

Expert Comment

by:Don Johnston
Comment Utility
> "I can ping the router interfaces"

The router has only one interface, right? (the BVI interface)

From the Mexico router, you can't ping a host on the Illinois LAN.

But from a Mexico host, you can ping a host on the Illinois LAN???
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
jtennyson:

This still sounds like a routing table issue back to your Illinois side.  Because your workstations are able to ping back to Illinois, this shows DNS is being resolved.  Can you nbtstat -a a workstation back in Illinois from a Mexico workstation?  Can you post your configurations for both routers?  Any public IP addresses should be changed to protect yourself, but any non-routable internal addresses should be posted to help see if there is something missing to point back.
0
 
LVL 50

Expert Comment

by:Don Johnston
Comment Utility
I don't see how it's routing problem. From what I can see the traffic is bridged.

Gotta see the configs to know for sure.
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
The reason I say that is because ping from the workstations works, which uses DNS to resolve.  I wonder if the reason it doesn't work on the router is because there is not name server set for it.
0
 
LVL 6

Expert Comment

by:CoreyMac
Comment Utility
I see there are a few things to note.  One is that the two ends of the WAN links are not symmetric.  The US side is a T-1 (1.5Mbps) and the Mexico side is an E-1 (2Mbps).  The max for this path will be limited by the U.S. side to 1.5Mbps and it has dropped about 1% of the total output traffic.  The link was at ~87% utilization whent he show commands were run on the U.S. side.
Several answers would help here.
 
Why bridge?  It appears the subnets are all unique and of a /24 mask so routing would seem to be more efficient. (Multicast?)  How large are the local bridged networks and what kinds of traffic are you wanting to route?
Why are there 60K CRC errors on the BGint router Fast Ethernet port?  (duplex/physical problems are most likely)  Clearing the counters and watching for the numbers to change will help.
What does the actual network diagram look like?  Routers, ports, switches, hubs, etc... on both ends.
Is the ~90% traffic load normal?
Are you using any traffic shaping or using FECN/BECN flags to adjust the traffic rates?
In your comment on the 10th at 9:47 you said you RDP'ed from the router????  What did that actually mean?
0
 

Author Comment

by:jtennyson
Comment Utility
I talked to a consultant.  We are going to upgrade the software on the 1700s and use BGP for the connection.  Hopefully that will work
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
jtennyson:

Would you mind popping back in and letting us all know what they do?  I'm curious and always up for learning.  That is one of the reasons I visit this site. :)
0
 

Author Comment

by:jtennyson
Comment Utility
I definately will.  I'm not sure how to keep this open because we won't be doing it for a couple of weeks.  
0
 
LVL 6

Expert Comment

by:CoreyMac
Comment Utility
It could be if we keep commenting, it will stay open.  I am not sure how they mange threads here.
 
Unless there is some kind of a bug in the router code on the 1700s causing this, you will still need to identify the cause of the CRC errors.  These are likely not going to be eliminated by software protocol changes. (duplex mismatches are still the most likely, but physical or cable/switch port problems are a possbility as well.
0
 
LVL 4

Expert Comment

by:Patrick49er
Comment Utility
I agree CoreyMac.  I think she got the duplex set, but the speed is off still I believe.
0
 

Author Comment

by:jtennyson
Comment Utility
The consultant is saying that with the tunnel, the 1700 routers can not handle the traffic.  He thinks it will do better with BGP.  We were using RIP before.  However AT&T will not use that.
0
 

Author Comment

by:jtennyson
Comment Utility
I don't know if we can keep this open.  It will be another 3 weeks before they put the new software on the routers.
0
 
LVL 6

Expert Comment

by:CoreyMac
Comment Utility
Hopefully there is a way they can allow it.  Maybe if you tag it for a moderator to take a look, they can offer advice.
0
 

Author Comment

by:jtennyson
Comment Utility
How do I tag this for the moderator to take a look?
0
 

Author Comment

by:jtennyson
Comment Utility
I would like to keep this open until we install the upgrade on the routers so I can let everyone know if it works.
0
 

Author Comment

by:jtennyson
Comment Utility
I am still waiting for a resolution from AT&t.  It should come in the next couple of weeks.
0
 

Author Comment

by:jtennyson
Comment Utility
At&T has still not changed to the BGP protocol.
0
 

Author Comment

by:jtennyson
Comment Utility
I'm sorry this is taking so long.  I just got the service from AT&T.  Now I am waiting for my consultant.
0
 

Author Comment

by:jtennyson
Comment Utility
We removed the tunnel and put BGP on both routers week.  There iseems to be less latency and the applications are running better over the WAN.
0
 
LVL 6

Expert Comment

by:CoreyMac
Comment Utility
Are the WAN ports and Ethernet interfaces running without errors now?
0
 

Accepted Solution

by:
jtennyson earned 0 total points
Comment Utility
Everything is running without errors now.  It is still slower than the frame relay but the VOIP does not break up and I am not getting complaints from users in Mexico
0

Featured Post

Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

Join & Write a Comment

Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now