Sean Rhudy
asked on
Odd networking issue
Our main internet connection is Windstream and we have a backup Verizon DSL line. The Windstream connection uses a Linksys RV220W router. We manually switch the cable to the DSL Westell router if ever needed.
We were starting to experience random network issues. Some computers were getting random errors in our Database software and ping tests showed some small packet loss. When we switch over to DSL, the problems immediately go away. If we switch back to the Windstream connection, the issues come back, but not right away. Normally it takes an hour or so but ALWAYS comes back. We replaced the RV220W router and upgraded the firmware in it. Our 2 servers are fully patched. I've done a deep malware scan on both servers. The only thing that makes sense to me is some kind of flood attach to the Windstream IP address. Unfortunately the RV220W logs don't tell me much. Any ideas?
We were starting to experience random network issues. Some computers were getting random errors in our Database software and ping tests showed some small packet loss. When we switch over to DSL, the problems immediately go away. If we switch back to the Windstream connection, the issues come back, but not right away. Normally it takes an hour or so but ALWAYS comes back. We replaced the RV220W router and upgraded the firmware in it. Our 2 servers are fully patched. I've done a deep malware scan on both servers. The only thing that makes sense to me is some kind of flood attach to the Windstream IP address. Unfortunately the RV220W logs don't tell me much. Any ideas?
Presumably the RV is not set in failover mode, correct?
What logging options have you enabled on the RV220W?
I have had a similar issue with a netgear modem/router.
I disabled IP flood (Syn flood) detection in the firewall settings and now it is much better...
I run a local DNS inside my LAN (behind the NAT) and it seems that DNS queries are detected as "syn-flood" attacks
I disabled IP flood (Syn flood) detection in the firewall settings and now it is much better...
I run a local DNS inside my LAN (behind the NAT) and it seems that DNS queries are detected as "syn-flood" attacks
ASKER
rharland2009; Yes, it's an ethernet handoff. I switched over to the DSL line and I connected a single laptop with a static IP for testing. So far, everything looks good.
fmarshall: No, it's not in failover mode.
giltjr: I have enabled all logging, but the logging in this device is not the best. There isn't much in the logs at all.
vivigatt: I disabled Syn Flood detection, but same issues.
fmarshall: No, it's not in failover mode.
giltjr: I have enabled all logging, but the logging in this device is not the best. There isn't much in the logs at all.
vivigatt: I disabled Syn Flood detection, but same issues.
Have you tried completely disabling the firewall and see if this is any better ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
What does this mean:
the correct server, but wrong info.?
You meant a rogue DHCP server ?
ASKER
Unplugging the extender fixed the issue.
Here's a test you could do to at least doublecheck yourself and isolate the issue.
Switch over to DSL for the time being, since that's a stable connection.
Connect a computer or small test network directly to the Windstream pipe, and see if the creeping errors recur, or if it stays clean. You'll likely have to re-address whatever computer you connect to the Windstream pipe unless they hand out DHCP to you, but it'd be a good way to show Windstream 'this connection suffers packet loss/latency/other issues separate of any of our internal infrastructure'.