TOPIC:

I find your website very informative and was hoping that you can help me out with a problem. I seem to be unable to find any discussion about it yet...

We have a Cayman 3546 DSL modem/router. We are given a WAN block and a LAN block. What we wanted to do is to have one of our webservers be visible outside of the LAN block while having private IPs.

Initially, the configuration was from the DSL line box, the Cayman 3546 DSL modem/router is connected. On one of the Cayman 3546 ports, we have the Linksys Switch (EZXS16W) connected.

Assuming we have the following IPs issued to us by the ISP:

WAN network block aa.bbb.cc.48/30
WAN Subnet: 255.255.255.252
WAN GW: aa.bbb.cc.49
useable: aa.bbb.cc.50

LAN network: aa.ddd.ee.40/29
LAN subnet: 255.255.255.248
GW: aa.ddd.ee.46
useable: 41 to 45


For the private IPs, we wanted to use:

10.12.1.xxx
10.12.1.100 (webserver we wanted to be publicly accessible) while being able to access locally
subnet 255.255.255.0

we wanted to let everyone with the private static IP to be able to browse the internet. they were connected through the DSL modem/router port through a Linksys switch.

i need to know what i need to define in the Cayman... apparently, the configuration set by the ISP would allow it to work for a few hours and after which, the Cayman router would become unstable with the port indicator lights blinking rapidly. unfortunately, we don't know what the previous configuration was before the ISP changed anything. Finally they declared that the router may be defective and so it was replaced with configurations all reset to default. when the problem recurred, the ISP is saying it's not within their scope. now we are on our own to put it back in a working state.

please help.


[img]images/smiles/icon_confused.gif[/img]

Life,

Putting the router configuration on the side, you have a router that works fine for a few hours and then starts blinking rapidly and becomes unstable.

Keeping in mind that at the same time you seem to have some webservers and possibly other machines which are directly connected to the Internet via this router, and without knowing exactly what the setup of your network is, I would dare to ask if you have thought of this problem being possibly related to any external attacks ?

In my previous company, we had a small webserver running off a 64K ISDN connection via our cisco 1600 router. I had configured the webserver to also host Firewall.cx and one day I noticed the Internet connection was flat out, we couldnt get any packets out and the router's link lights were blinking like crazy. At first I thought it had something to do with the router 'playing up', so I'd switch it off and then back on, after a few hours, the same thing would happen, so I thought I'd connect a pc to the link and see whats going on.

I was suprised to see that there were all these requests coming from 3-4 different hosts, some being ICMP echos, other https requests, and it was clear that the router was under attack.

No matter how impossible I thought it would have been, it happened without me realising it.

Next time the problem occurs, take a look and the link to see if there is any data coming from the Internet.

On another note now, at my present company, we use Cisco routers which have been setup by myself to perform NAT in order to allow us to access the Internet. What I have noticed is that Cisco routers sometimes get sessions that have closed, stuck in its NAT table, and this accumilates until they chew up the routers memory and cpu cycles and the router begins to drop packets, once the NAT table is manually cleared, everything is back to normal! I've also confirm this to be a problem with a good CCNP friend of mine.

So I'd suggest you also check the manufacture's website for any possible problems the router might have.

If your research doesn't prove fruitful, let us know and we can examine it futher.

Cheers,