Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Internet Connection Times Out Periodically

Posted on 2011-03-02
7
Medium Priority
?
1,776 Views
Last Modified: 2012-05-11
Our company network has been dropping its connection to the Internet every 1 - 2 hours for 20 - 120 seconds for the past 72 hours. Our ISP is Windstream. We have seven bonded T1s. I can ping the public gateway continuously all day and I can see that we lose our connection for about 10 to 14 pings or about one minute per occurrence.  When it goes offline, normal users do not notice because it comes back quickly. However, our VPN users are kicked offline and cannot work. Large file transfers and back ups are also interrupted. We use a SonicWALL NSA 2400. I have no errors in the log and I have rebooted it. Windstream is about to blame this on internal equipment because they cannot see any problems remotely.

What is the solution?
Should I start immediate ISP shopping?
Has anyone seen anything like this before?

Please help!
JM  Latest Outage as of 3.2.11
0
Comment
Question by:alnc2004
  • 3
  • 3
7 Comments
 
LVL 33

Expert Comment

by:digitap
ID: 35024402
let's confirm a few things first.

edit the WAN interface and try setting the negotiation first to 100mb/full then to 100mb/half. do either help?

then, let's look at MTU on the WAN interface. review my article for this setting on the sonicwall appliance. work through it and report back your results.

http://www.experts-exchange.com/viewArticle.jsp?articleID=3110
0
 
LVL 3

Expert Comment

by:macoronat
ID: 35036916
I don't have experience on solicwall appliances, but I recomend you to connect a PC directly to the router and run the extended ping again, see if there is the same behaviour.  Then, as digitap said, check your MTU settings at the WAN links.  Verify that you have the correct encapsulation and linecode for the T1's.  Check if the physical interfaces are reporting any errors.  If they are, you can unbind your T1's one by one and do a loopback cable:

-Use wire cutters to create a working RJ-45 cable that is 5 inches long with an attached connector.
-Strip the wires.
-Twist the wires from pins 1 and 4 together.
-Twist the wires from pins 2 and 5 together.
-Leave the rest of the wires alone.

Put the cable on you sonicwall's T1 port (I'm assuming that your appliance has integrated CSU/DSU). Assign an IP address to the unbond T1, clear the counters of that interface and run an extended ping from the sonicwall router to that IP address. See if you find any errors.  Bind the T1 back.

Then do that for each T1.  If you see errors on the interfaces, you have some bad hardware.  If not you have an ISP issue  (time to look for a new provider).

Cheers!
0
 

Accepted Solution

by:
alnc2004 earned 0 total points
ID: 35059643
It turned out that a computer on our network was infected with a virus that was part of a DDoS attack. That computer was sending 11212 Byte files to an outside IP on over 6,000 ports, which crippled our router.

Thanks for the suggestions,
Jess
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 33

Expert Comment

by:digitap
ID: 35060407
@jess :: what did you do to find the device?
0
 

Author Comment

by:alnc2004
ID: 35060478
I replaced the NSA 2400 with another brand new one and we had the same problem. I ran an activity scan on my open connections and found that one IP on my network had over 6K connections. I isolated that machine and disconnected it from the network and the problem was solved instantly. Now I have to clean the virus, but that's nowhere nearly as bad as having a network outage.
0
 
LVL 33

Expert Comment

by:digitap
ID: 35060491
indeed...working another question with the same issue as yours. i've recommended the same steps you've just confirmed so we'll see where it goes. thanks for the extra information. good luck with the virus.
0
 

Author Closing Comment

by:alnc2004
ID: 35115322
It was not an ISP or a firewall problem. It was an internal computer that caused our service to go out.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question