cisco router question

we have an integrated voice and data circuit and lately we've been having voice issues.   Every so often the provider has to bounce the iad because of memory utilization and bandwidth utilization.   I've installed mrtg on one of my server and am monitoring the outside interface of our firewall since I don't have access to their Cisco IAD/Router.   I do see the bandwidth spikes; however i haven't been able to pinpoint the source of the congestion yet...except that it is coming from outside the network.  

When I talk to my provider, they are not much help, telling me that their Cisco router is in bridge mode and just passing the traffic to our network and thus they can't really see the traffic because it's in bridge mode.

Shouldn't they at least be able to see what's hitting their network even if their router is in bridge mode?
Who is Participating?

Improve company productivity with a Business Account.Sign Up

BigPapaGottiConnect With a Mentor Commented:
Yes they should be able to run some sort of packet capture to see where these packets are sourcing from. This is something that you would be able to accomplish as well however. There is something called NetFlow that you can enable to allow you to see what and where this traffic is coming from. Here is an article detailing the command and when to use what and where.
Do you have any SLAs with your provider for maintaining the data and voice service? I would think that if they (the provider) considers it necessary to "bounce" their IAD, they would have to do something about it. They need to have some method for congestion detection and policing (QoS) to prevent this if they are providing the service.
techlindenAuthor Commented:
I think i tried to use netflow? is that a solar winds product.  right now i have MRTG monitoring my firewall and I'm running snoop on the juniper out to a tftp server where i'm using wireshark to analyze the files but not seeing anything out of the ordinary.   But since i'm looking at traffic on the packet level everything is broken down into 1514 packets or i'm not a wireshark guru.  

This guy i keep getting every time i call the provider is totally useless.  He sings and hums off key while looking at his equipment and cracking jokes about how it's our issue and his router is in bridge mode so it's our problem.  I tried to tell him that even if my firewall is blocking all the traffic, his router is on the perimeter and in front of my firewall.

I told our account rep i wanted it escalate to a level 2 or 3 technician.   Anyway, I'll click on the link above and see it has to say about netflow.   arggggggggg!
techlindenAuthor Commented:
Ah.  I see your referencing cisco netflow.   I should tell the provider to use it.  I don't have access to the cisco router.  It's managed by our provider.  Our firewall is a juniper that sits behind the provider IAD.
techlindenAuthor Commented:
I'm going to close this question.  We ended up using their backup internet (comcast) as their primary and now their voice/data circuit is only used for voice.  That seemed to help, although they called me yesterday because they couldn't make outbound calls and I had them reboot the provider's IAD and it came back up.  I don't know how much information i can gather without access to the providers router/iad.  I did run netflow on an mpls router they aren't using much any more just to see it.  Outputted the flow to solarwinds netflow analyzer.....pretty cool.  too bad I couldn't do something like that with their IAD.   Anyone considering Cbeyond.....I would steer clear!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.