Solved

cisco router question

Posted on 2013-05-13
5
271 Views
Last Modified: 2013-05-22
we have an integrated voice and data circuit and lately we've been having voice issues.   Every so often the provider has to bounce the iad because of memory utilization and bandwidth utilization.   I've installed mrtg on one of my server and am monitoring the outside interface of our firewall since I don't have access to their Cisco IAD/Router.   I do see the bandwidth spikes; however i haven't been able to pinpoint the source of the congestion yet...except that it is coming from outside the network.  

When I talk to my provider, they are not much help, telling me that their Cisco router is in bridge mode and just passing the traffic to our network and thus they can't really see the traffic because it's in bridge mode.

Shouldn't they at least be able to see what's hitting their network even if their router is in bridge mode?
0
Comment
Question by:techlinden
  • 3
5 Comments
 
LVL 9

Accepted Solution

by:
BigPapaGotti earned 500 total points
ID: 39161955
Yes they should be able to run some sort of packet capture to see where these packets are sourcing from. This is something that you would be able to accomplish as well however. There is something called NetFlow that you can enable to allow you to see what and where this traffic is coming from. Here is an article detailing the command and when to use what and where.

http://www.plixer.com/blog/general/ip-route-cache-flow-or-ip-flow-ingress-which-do-i-use/
0
 
LVL 11

Expert Comment

by:naderz
ID: 39162657
Do you have any SLAs with your provider for maintaining the data and voice service? I would think that if they (the provider) considers it necessary to "bounce" their IAD, they would have to do something about it. They need to have some method for congestion detection and policing (QoS) to prevent this if they are providing the service.
0
 

Author Comment

by:techlinden
ID: 39162725
I think i tried to use netflow? is that a solar winds product.  right now i have MRTG monitoring my firewall and I'm running snoop on the juniper out to a tftp server where i'm using wireshark to analyze the files but not seeing anything out of the ordinary.   But since i'm looking at traffic on the packet level everything is broken down into 1514 packets or less....plus i'm not a wireshark guru.  

This guy i keep getting every time i call the provider is totally useless.  He sings and hums off key while looking at his equipment and cracking jokes about how it's our issue and his router is in bridge mode so it's our problem.  I tried to tell him that even if my firewall is blocking all the traffic, his router is on the perimeter and in front of my firewall.

I told our account rep i wanted it escalate to a level 2 or 3 technician.   Anyway, I'll click on the link above and see it has to say about netflow.   arggggggggg!
0
 

Author Comment

by:techlinden
ID: 39162732
Ah.  I see your referencing cisco netflow.   I should tell the provider to use it.  I don't have access to the cisco router.  It's managed by our provider.  Our firewall is a juniper that sits behind the provider IAD.
0
 

Author Closing Comment

by:techlinden
ID: 39187484
I'm going to close this question.  We ended up using their backup internet (comcast) as their primary and now their voice/data circuit is only used for voice.  That seemed to help, although they called me yesterday because they couldn't make outbound calls and I had them reboot the provider's IAD and it came back up.  I don't know how much information i can gather without access to the providers router/iad.  I did run netflow on an mpls router they aren't using much any more just to see it.  Outputted the flow to solarwinds netflow analyzer.....pretty cool.  too bad I couldn't do something like that with their IAD.   Anyone considering Cbeyond.....I would steer clear!
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now