Jesse Bruffett asked:

Intermittent network outages.

We have been experiencing network outages for some time, lasting only a few seconds at a time but enough to cause problems for us. Recently I started running hour-long ping processes targeting Google's DNS servers, our firewall, the building's firewall (which I also manage), the 2 WiFi APs for our offices, an in-house file server, an MFP printer and 2 computers on the two different floors. When we experience an outage, the only packet loss is on the pings for Google's DNS servers and both firewalls. The firewalls are set up, one for the building with a splice going to us for our static IPs and port routing. What's been even harder is I'll go several hours with no outage on anything, and other times on the firewalls and Google's DNS servers I'll have up to 6.7 percent packet loss, with the average being 5 percent when there are outages, and they come in spurts. There will be an outage for several seconds followed by several more seconds of good connectivity and then another outage or 2 before it goes back to normal for an extended period of time. At this point I'm concluding that it has to be either the cable from the firewall to our main switch, the physical port on our switch or our firewall itself. Are there any other logical options? Does my current logic hold water?
Vince Glisson

If you're reasonably certain that it's the cable, replace it with a known good one and then you can test the replaced cable later. If the problem goes away then great.

I would then look at firmware updates for the switches and the firewalls; they contain the drivers for the NICs also.
Jesse Bruffett (ASKER)

Both firewalls are SonicWALLs. One is a year old and licensed; that one is ours. The one for the building is an old TZ100 that was never licensed and is past its end-of-life date, but the building owners will not replace it because it still "works". When they do, they will most likely replace it with a basic off-the-shelf router. The only reason I manage it is because we have expensive needs in terms of port forwarding and a large number of external IP addresses. If the building firewall was at fault, I'd think I could reach my firewall but not it? The switch is an unmanaged Dell switch, so I'm fairly certain there is no way to update its firmware, though I may be wrong. I also don't suspect it since everything on this side of the switch works; if it were an issue, I'd expect I couldn't ping anything on the LAN if the switch was to blame. Am I wrong on any of my assumptions?
ASKER CERTIFIED SOLUTION
hypercube
This solution is only available to members.
The cable from the building's firewall to ours is a straight run with normal Ethernet ends on it, no punch-downs. The quality of the cable ends looks good; the jacket is inside the jack and it's crimped in there. I have made a new patch cable myself with quality cable and ends that I will be swapping in for the one from the switch to our firewall, as well as using a new port on the switch. The run through the building from the building's firewall to ours is about 200 feet. If it comes to it, I'll replace the jacks on both ends. Sadly I don't have a punch-down tool, so I'll be using the other way. I am aware that with twisted pair cables, copper isn't just copper; the different pairs have different impedances, same as RCA composite video is a different impedance than the left/right audio RCA cables. I usually always terminate cables in B. I'll post tomorrow after I've swapped the cables and ports.
Just to clarify, our firewall plugs into our switch via a patch cable and the firewall has the 200 foot run back to the building's firewall. Everything else I'm pinging is coming right off the main switch with no additional switch hops.
So the path to the Internet goes from your SonicWALL that you own, through the SonicWALL that you don't own, then out to the Internet. Sounds like there is at least one piece of equipment that you don't have access to that may be part of the problem, probably a router that you don't have access to also. And have you checked with the ISP to see if they've had any issues with the line coming in?
The network goes as follows from the ISP: ISP->building sonicwall->(long cable run)->my sonicwall->(patch cable)->switch->everything else
The building SonicWALL's interface for my SonicWALL is configured to transparent mode (splice L3 subnet).
I guess you mean "plugs" and not "jacks" on that long cable, eh?

So if the long cable has RJ-45 plugs that are going direct into the two Sonicwall devices then even if their terminations look good, they remain suspect.  Presumably this is not an end-to-end manufactured cable and, even if it were, .....
If the long cable has jacks at the ends then there would be a patch cable at each end also.
Just trying to be clear.
But, still, I thought we had eliminated that connection as being within the boundaries of the problem.  No?
I had concluded from your description that the issue is between your switch and your firewall.
So that means:
- the patch cable which should be replaced without question.
- the ports on the switch and the firewall that are involved in this connection.
Is that right?
Any other building occupants running off the building's firewall?

I have been in situations before where new tenants had incredible bandwidth needs (owner was downloading movies at lunch time), which killed everyone's bandwidth, slowed down to a crawl, and then things time out and makes it appear that there is a temp outage. Just throwing out another possibility...
Your logic seems sound, however I would be pointing my finger at the SonicWALL device first; a problem there would seem more probable.

A couple of suggestions that may help:
1. If you are using PING, grab a copy of PingPlotter. This has a FREE 30 day demo, and is kinda like a really fancy ping program.

2. Set up a SYSLOG server on your PC (or a server), and configure the SonicWALL devices to log to it. You might catch something useful.
Hi There,

Below is the connectivity as per your post:

 ISP->building sonicwall->(long cable run)->my sonicwall->(patch cable)->switch->everything else.


Now from the LAN server/desktop, you have updated that you face losses to your sonic wall, building sonicwall and google DNS.

The first point that intercepts the path taken from your case would be your Sonicwall.

Below would be my suggestions:

Administration perspective

i) Set up an appropriate monitoring tool to monitor your network devices like Cacti (free).

ii) Ensure that you have syslog enabled on your devices to point to a server so that you could correlate logs and join the dots.

Troubleshooting perspective

i) When the monitoring tool indicates an issue with ping to your SonicWALL, verify the point to point connectivity from switch to the SonicWALL.

ii) If there are drops, it means there is an issue in the media.
Follow the below steps:

a) Have the end to end testing done from patch panel port to the patch panel port.
If the same is fine, replace the cables connecting the end devices, i.e. your firewall and the switch.

b) Also test the connectivity via ping from your firewall to the building firewall (ISP facing) and from ISP facing to 4.2.2.2 to isolate the cause.
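
Added example, not posted by anyone in this thread: a small Python sketch of the hop-by-hop isolation the replies describe, which takes timestamped ping results for targets along the posted path and names the segment to inspect for each loss window. The target labels, the 10-second window and the sample data are assumptions made for the example.

```python
from collections import defaultdict

# Ping targets ordered from the pinging PC outward, following the topology
# posted in the thread. The names are labels chosen for this example.
PATH = ["file-server", "my-sonicwall", "building-sonicwall", "google-dns"]

# Where to look when PATH[i] is the nearest hop that stopped answering.
SEGMENTS = {
    "file-server": "pinging PC, its cable, or the switch",
    "my-sonicwall": "patch cable, switch port, or own firewall",
    "building-sonicwall": "long cable run or building firewall",
    "google-dns": "ISP side of the building firewall",
}
INCONCLUSIVE = "hop dropped pings while traffic through it still passed"


def localize(samples, window=10):
    """samples: iterable of (epoch_seconds, target, replied).
    Returns {window_start: suspect} for every window that saw loss."""
    lost = defaultdict(set)
    for ts, target, replied in samples:
        if not replied:
            lost[ts - ts % window].add(target)
    verdict = {}
    for start in sorted(lost):
        hit = [hop in lost[start] for hop in PATH]
        if True not in hit:
            continue  # loss only on targets outside the modelled path
        i = hit.index(True)
        # A real fault at hop i also breaks every hop beyond it. If a farther
        # hop answered throughout, hop i only dropped pings sent to itself.
        verdict[start] = SEGMENTS[PATH[i]] if all(hit[i:]) else INCONCLUSIVE
    return verdict


def build_sample():
    """Constructed data: one ping per second per target for 30 seconds."""
    rows = []
    for ts in range(30):
        for hop in PATH:
            down = (
                (ts == 5 and hop == "building-sonicwall")
                or (12 <= ts <= 14 and hop != "file-server")
                or (ts == 25 and hop == "google-dns")
            )
            rows.append((ts, hop, not down))
    return rows
```

Feeding it the same timestamps that appear in the firewalls' syslog output lets each loss window be matched against link up/down or interface error messages from the device on the suspect segment.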