[inet-admins] 5300, 3640 and catalyst 1900

[Alexander Kolesnik <sasha@lanck.net>]

Добрый день, уважаемые админы.

Может  быть  кто-либо  из  вас  сможет  объяснить  следующую ситуацию.
Конфигурация:
  C3640   - 2 ethernet, 2 serial module, (остальное, думаю, не важно)
  AS5300  - 10MB ether, 100MB ether, 4 serial, 8 PRI, 120 MICA modems

Схема куска сети:

 Linux server
      |  ---------- Sun Solaris/UltraSPARC
      |  |
      |  | |------- some other servers
      |  | |
------o--o-o-
Catalyst 1900
--o-------o--
  |       |
  |       |
  |e0/0   |e0
C3640  AS5300

Коннектимся к 53'ей по диалапу и начинаем качать файл по FTP (или HTTP
-  не  важно) с линуксового сервера (на самом деле тоже не важно, т.к.
данная  проблема  проявляется  откуда  бы файл не качался: с серверов,
расположенных   в   локальном  езернете,  или  с  удаленных  хостов  в
интернете).  Периодически,  передача  приостанавливается  на несколько
секунд, но потом снова возобновляется.
На   100   процентов   уверен,   что   телефонная   линия  не  причем
(эксперементально подтвердилось).
Однако,  стоит  только  переключить AS5300 во второй езернет 3640, как
данный эффект исчезает. Совсем.
При  подключении  по диалапу к 3640 (аналоговые модемы, подключенные к
асинхронным  портам),  такого  эффекта не наблюдается. Также описанный
эффект   не   наблюдается   при   перекачке  файлов  в  любых  других
направлениях.
Смотрел  загрузку  маршрутизатора  5300  - не более 10-20%. Езернет не
перегружен. Короче - не понятно :-(

Может кто-нибудь объяснить, что происходит и как это вылечить?

Вот конфиг 5300:

Cisco Internetwork Operating System Software
IOS (tm) 5300 Software (C5300-IS-M), Version 12.0(4)XJ4, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
cisco AS5300 (R4K) processor (revision A.32) with 65536K/16384K bytes of memory.
[...]
Manufacture Cookie Info:
 EEPROM Type 0x0001, EEPROM Version 0x01, Board ID 0x30,
 Board Hardware Version 3.1, Item Number 800-2544-3,
 Board Revision D0, Serial Number 17915547,
 PLD/ISP Version 0.0, Manufacture Date 22-Feb-200.
1 Ethernet/IEEE 802.3 interface(s)
1 FastEthernet/IEEE 802.3 interface(s)
66 Serial network interface(s)
120 terminal line(s)
8 Channelized E1/PRI port(s)
128K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read/Write)
8192K bytes of processor board Boot flash (Read/Write)


version 12.0
service timestamps debug datetime
service timestamps log datetime
service password-encryption
service hide-telnet-addresses
!
hostname as
!
boot system flash
aaa new-model
aaa authentication username-prompt "login: "
aaa authentication login default tacacs+ enable
aaa authentication ppp default if-needed tacacs+
aaa authorization exec default tacacs+ if-authenticated
aaa authorization commands 1 default tacacs+ if-authenticated
aaa authorization commands 15 default tacacs+ if-authenticated
aaa authorization network default tacacs+ if-authenticated
aaa accounting exec default start-stop tacacs+
aaa accounting network default start-stop tacacs+
aaa accounting connection default start-stop tacacs+
enable secret 5 <removed>
enable password 7 <removed>
!
clock timezone MSK 3
clock summer-time MSD recurring last Sun Mar 3:00 last Sun Oct 3:00
modem recovery action none
ip subnet-zero
no ip rcmd domain-lookup
ip rcmd rsh-enable
ip rcmd remote-host user x.x.x.x user enable 2
ip rcmd source-interface Ethernet0
ip tcp path-mtu-discovery
ip domain-name lanck.net
ip name-server 195.133.230.1
!
ip accounting-threshold 10000
multilink virtual-template 1
async-bootp dns-server 195.133.230.1
isdn switch-type primary-net5
modemcap entry mymica:FD=&f&d2s0=1s39=0s52=1:MSC=debugthismodem s43=0
mta receive maximum-recipients 0
!
!
controller E1 0
 clock source line primary
 pri-group timeslots 1-31
!
controller E1 1
 clock source line secondary 1
 pri-group timeslots 1-31
!
controller E1 2
!
controller E1 3
!
controller E1 4
!
controller E1 5
!
controller E1 6
!
controller E1 7
!
!
!
interface Loopback0
 ip address x.x.x.x 255.255.255.192
 no ip directed-broadcast
!
interface Ethernet0
 ip address x.x.x.x 255.255.255.252 secondary
 ip address x.x.x.x 255.255.255.192
 ip access-group 131 in
 ip access-group 130 out
 no ip directed-broadcast
 no cdp enable
!
interface Virtual-Template1
 ip unnumbered Loopback0
 no ip directed-broadcast
 peer default ip address pool Dialup-Pool
 ppp authentication pap
 ppp multilink
!
interface Serial0
 no ip address
 no ip directed-broadcast
 no ip mroute-cache
 shutdown
 no fair-queue
 clockrate 2015232
 no cdp enable
!
interface Serial1
 no ip address
 no ip directed-broadcast
 no ip mroute-cache
 shutdown
 no fair-queue
 clockrate 2015232
 no cdp enable
!
interface Serial2
 no ip address
 no ip directed-broadcast
 shutdown
 no fair-queue
 clockrate 2015232
 no cdp enable
!
interface Serial3
 no ip address
 no ip directed-broadcast
 shutdown
 no fair-queue
 clockrate 2015232
 no cdp enable
!
interface Serial0:15
 bandwidth 2048
 ip unnumbered Loopback0
 no ip directed-broadcast
 encapsulation ppp
 no ip route-cache
 no logging event link-status
 dialer idle-timeout 2147483
 dialer wait-for-carrier-time 75
 dialer-group 1
 isdn switch-type primary-net5
 isdn incoming-voice modem
 isdn modem-busy-cause busy
 peer default ip address pool Dialup-Pool
 no fair-queue
 no cdp enable
 ppp authentication pap
!
interface Serial1:15
 bandwidth 2048
 ip unnumbered Loopback0
 no ip directed-broadcast
 encapsulation ppp
 no ip route-cache
 no logging event link-status
 dialer idle-timeout 2147483
 dialer wait-for-carrier-time 75
 dialer-group 1
 isdn switch-type primary-net5
 isdn incoming-voice modem
 isdn modem-busy-cause busy
 peer default ip address pool Dialup-Pool
 no fair-queue
 no cdp enable
 ppp authentication pap
!
interface FastEthernet0
 no ip address
 no ip directed-broadcast
 shutdown
 no cdp enable
!
interface Group-Async1
 ip unnumbered Loopback0
 ip access-group 141 in
 ip access-group 140 out
 no ip directed-broadcast
 encapsulation ppp
 no ip route-cache
 no ip mroute-cache
 no logging event link-status
 carrier-delay msec 0
 async dynamic address
 async mode interactive
 peer default ip address pool Dialup-Pool
 no fair-queue
 no cdp enable
 ppp authentication pap
 ppp multilink
 group-range 1 60
 hold-queue 10 in
!
interface Dialer0
 ip unnumbered Loopback0
 ip access-group 141 in
 ip access-group 140 out
 no ip directed-broadcast
 no ip route-cache
 no ip mroute-cache
 no fair-queue
 no cdp enable
!
ip local pool Dialup-Pool x.x.x.x x.x.x.x
no ip http server
ip classless
ip default-network 0.0.0.0
ip route 0.0.0.0 0.0.0.0 x.x.x.x
!
logging trap warnings
logging source-interface Ethernet0
logging x.x.x.x
access-list 130 deny   udp any any eq netbios-ns
access-list 130 deny   udp any any eq netbios-dgm
access-list 130 deny   tcp any any range 137 139
access-list 130 deny   udp any any range netbios-ns netbios-ss
access-list 130 deny   udp any any eq syslog
access-list 130 deny   tcp any any eq 617
access-list 130 deny   udp any any eq 12345
access-list 130 deny   udp any any eq 31337
access-list 130 permit ip any any
access-list 131 deny   udp any any eq netbios-ns
access-list 131 deny   udp any any eq netbios-dgm
access-list 131 deny   tcp any any range 137 139
access-list 131 deny   udp any any range netbios-ns netbios-ss
access-list 131 deny   udp any any eq syslog
access-list 131 deny   tcp any any eq 617
access-list 131 deny   udp any any eq 12345
access-list 131 deny   udp any any eq 31337
access-list 131 deny   tcp any any eq lpd
access-list 131 deny   udp any any eq sunrpc
access-list 131 deny   tcp any any eq sunrpc
access-list 131 deny   udp any any eq xdmcp
access-list 131 permit ip any any
access-list 140 deny   udp any any range netbios-ns netbios-ss
access-list 140 deny   tcp any any range 137 139
access-list 140 deny   udp any any eq 12345
access-list 140 deny   udp any any eq 31337
access-list 140 permit ip any any
access-list 141 deny   udp any any range netbios-ns netbios-ss
access-list 141 deny   tcp any any range 137 139
access-list 141 deny   udp any any eq 12345
access-list 141 deny   udp any any eq 31337
access-list 141 permit ip any any
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
no cdp run
tacacs-server host x.x.x.x key <removed>
tacacs-server timeout 15
snmp-server engineID local 00000009020000B064835F64
snmp-server community <removed> RO
!
line con 0
 exec-timeout 0 0
 transport input none
line 1 60
 autoselect during-login
 autoselect ppp
 modem Dialin
 modem autoconfigure type mymica
 exec-character-bits 8
 special-character-bits 8
 transport preferred none
 transport input all
 escape-character NONE
 autohangup
line 61 120
line aux 0
 no exec
 modem InOut
 transport preferred none
 transport input all
line vty 0 4
 exec-timeout 0 0
!
ntp clock-period 17246713
ntp server 194.186.254.22 prefer
end

-- 
С уважением,
Александр Колесник.


=============================================================================
"inet-admins" Internet access mailing list. Maintained by East Connection ISP.
Mail "unsubscribe inet-admins" to Majordomo@info.east.ru if you want to quit.
Archive is accessible on http://info.east.ru/rus/inetadm.html