Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Odd networking issue

Posted on 2014-12-12
10
Medium Priority
?
109 Views
Last Modified: 2014-12-26
Our main internet connection is Windstream and we have a backup Verizon DSL line.  The Windstream connection uses a Linksys RV220W router.  We manually switch the cable to the DSL Westell router if ever needed.

We were starting to experience random network issues.  Some computers were getting random errors in our Database software and ping tests showed some small packet loss.  When we switch over to DSL, the problems immediately go away.  If we switch back to the Windstream connection, the issues come back, but not right away.  Normally it takes an hour or so but ALWAYS comes back.  We replaced the RV220W router and upgraded the firmware in it.  Our 2 servers are fully patched.   I've done a deep malware scan on both servers.  The only thing that makes sense to me is some kind of flood attach to the Windstream IP address.  Unfortunately the RV220W logs don't tell me much.  Any ideas?
0
Comment
Question by:Sean Rhudy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +2
10 Comments
 
LVL 11

Expert Comment

by:rharland2009
ID: 40497000
What kind of connection is the Windstream pipe? Ethernet handoff, etc.?
Here's a test you could do to at least doublecheck yourself and isolate the issue.
Switch over to DSL for the time being, since that's a stable connection.
Connect a computer or small test network directly to the Windstream pipe, and see if the creeping errors recur, or if it stays clean. You'll likely have to re-address whatever computer you connect to the Windstream pipe unless they hand out DHCP to you, but it'd be a good way to show Windstream 'this connection suffers packet loss/latency/other issues separate of any of our internal infrastructure'.
0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 40497038
Presumably the RV is not set in failover mode, correct?
0
 
LVL 57

Expert Comment

by:giltjr
ID: 40497440
What logging options have you enabled on the RV220W?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 17

Expert Comment

by:vivigatt
ID: 40499352
I have had a similar issue with a netgear modem/router.
I disabled IP flood (Syn flood) detection in the firewall settings and now it is much better...
I run a local DNS inside my LAN (behind the NAT) and it seems that DNS queries are detected as "syn-flood" attacks
0
 

Author Comment

by:Sean Rhudy
ID: 40501742
rharland2009; Yes, it's an ethernet handoff. I switched over to the DSL line and I connected a single laptop with a static IP for testing. So far, everything looks good.

fmarshall: No, it's not in failover mode.

giltjr: I have enabled all logging, but the logging in this device is not the best.  There isn't much in the logs at all.

vivigatt: I disabled Syn Flood detection, but same issues.
0
 
LVL 17

Expert Comment

by:vivigatt
ID: 40501752
Have you tried completely disabling the firewall and see if this is any better ?
0
 

Accepted Solution

by:
Sean Rhudy earned 0 total points
ID: 40512454
So somebody had plugged in a cheap wireless extender.  The extender was handing out IP's, but what made this hard to figure out is that the DHCP Server listed when I did an IPCONFIG /ALL was the correct server, but wrong info.  We unplugged the extender and the problem was solved.
0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 40513312
What does this mean:
the correct server, but wrong info.
?
0
 
LVL 17

Expert Comment

by:vivigatt
ID: 40515142
You meant a rogue DHCP server ?
0
 

Author Closing Comment

by:Sean Rhudy
ID: 40518239
Unplugging the extender fixed the issue.
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question