1
1
I'm having problems connecting my LAN to aDSL.
I run a Mac Mini server with a fixed IP address, and my own named, smtpd, httpd, etc. There are two other Ethernet computers, and an Airport Extreme WiFi router (configured as a bridge), running through an 8-port switch and a D-Link router/firewall. The DLink router translates my fixed IP directly to the Mac Mini, and the others are getting DHCP from my router.
The most noticeable symptom is web pages loading slowly or incompletely, mail not getting through, and DOWN reports from external monitoring services.
If I ping my ISP's edge router (directly from my router, or from any connected computer), it is extremely intermittent. It can be 100% for tens of seconds straight, then 50% or more packet loss for tens of seconds straight.
ping -A -n -c 10 65.38.45.1
PING 65.38.45.1 (65.38.45.1): 56 data bytes
64 bytes from 65.38.45.1: icmp_seq=0 ttl=254 time=22.780 ms
64 bytes from 65.38.45.1: icmp_seq=1 ttl=254 time=23.520 ms
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
64 bytes from 65.38.45.1: icmp_seq=5 ttl=254 time=23.207 ms
64 bytes from 65.38.45.1: icmp_seq=6 ttl=254 time=23.774 ms
Request timeout for icmp_seq 7
64 bytes from 65.38.45.1: icmp_seq=8 ttl=254 time=23.608 ms
64 bytes from 65.38.45.1: icmp_seq=9 ttl=254 time=24.670 ms
--- 65.38.45.1 ping statistics ---
10 packets transmitted, 6 packets received, 40.0% packet loss
round-trip min/avg/max/stddev = 22.780/23.593/24.670/0.579 ms
If I hook a computer directly to the aDSL modem via DHCP, everything works, so my ISP says, "Sorry, that's YOUR problem, NOT ours." They've had a phone company tech out to the network interface, who says everything is fine there.
But if I plug even a second computer in (both computers relatively quiescent), via router or switch, then packets begin to get dropped.
I understand that if all my computers were doing huge downloads at the same time, I could expect packet loss. But this happens simply by plugging in a second computer that is doing no network traffic.
Here's the weird part: after having my laptop plugged directly into the aDSL modem and seeing 100% success, if I plug it into my "normal" network, things will work just fine for several minutes before packets start getting dropped again! I can run 100% ping tests on any computer on my LAN, and things work fine for several minutes.
To me, this smells of "traffic shaping," where the ISP is detecting that I have more than one computer plugged in, and then reduces bandwidth. They claim they don't do that.
I'm pretty knowledgable about networking, but this has me stumped.
I'm at my wits end. Any ideas how to debug and fix this?
UPDATE +1 to "sawdust" for suggesting I go back to basics. I paired the laptop with different combinations of other computers, and found that only when the Mac Mini Server AND the D-Link were hooked up, things went south. I took the router out, and hooked the switch directly to the modem, and things started working. Thanks, D-Link.
This is a configuration I thought I had tried before, but I guess not, or something else was wrong at the time.
But now I can't get my printer working. It keeps wanting to be in the 10.129 network, and other computers can't see it there. Keep working on it, I guess...
Jan Steinman
Posted 2012-10-08T18:37:56.247
Reputation: 131
"if I plug even a second computer in ... via router or switch..." - This doesn't seem correct. The ZOOM unit is a modem/router/firewall. So you have two routers in your setup. Where are the DHCP and NAT servers? Are there 2 servers or zero servers? Or are you comparing apples to oranges by reconfiguring the ADSL modem? If you have DHCP, NAT and a firewall properly setup, then the ISP should not be able to detect how many PCs you have. BTW the "A" is ADSL should be capitalized like the rest of the letters in the acronym. – sawdust – 2012-10-08T19:26:30.993
The ZOOM 5751 that my ISP provided does not appear to be a router nor firewall. It has only one ethernet port. The D-Link router is my DHCP/NAT server, doling out addresses in the 10.1.1.0/24 subnet. All other services (DNS, web, mail, MySQL, etc.) are coming from the Mac Mini, which is NOT serving DHCP nor NAT. – Jan Steinman – 2012-10-08T19:58:34.647
"It has only one ethernet port" - That means nothing. I've used Westell units that have full-featured router capability, and they also have a single Ethernet port. Maybe you need to log into the ZOOM and find out what features it has and how it is configured, rather than just guess. Multiple routers would be a plausible explanation for the cause of your issues. Of course you don't have to test your assumptions, and instead go off believing that the ISP is "traffic shaping" your account. – sawdust – 2012-10-08T20:15:11.917
Also, the Airport Extreme is configured as a bridge, and so should not be serving DHCP nor NAT, but only passing along DHCP and NAT from the D-Link router. – Jan Steinman – 2012-10-08T20:15:29.297
My ISP has not provided me a password for the ZOOM modem they provided. And caustic comments regarding my theories don't seem particularly helpful. Do you have suggestions for logging in to the modem? Are you familiar with this particular model, and can you verify that it may be interfering? Or are you just "shooting from the lip?" Please, be specific if you have anything. – Jan Steinman – 2012-10-08T20:18:24.303
1Go back to the simplest setup, the ZOOM + laptop. Does the laptop get a private or public IP address? What does the "Shields Up" site, www.grc.com, report? – sawdust – 2012-10-08T20:25:28.213
Google tells me the ZOOM 5751 is indeed a router/firewall. But the default web configuration IP address (192.168.1.1) doesn't work. So perhaps my provider has changed the configuration. I'll see if they'll let me in. In the mean time, what would you suggest I do if I do to see if the modem/router/firewall is what's messing me up? I don't even have an IP address that I can test for DHCP, right? – Jan Steinman – 2012-10-08T20:34:51.073
Laptop plugged via ethernet directly into Zoom 5751, and I get a public DHCP address that is on the same Class C subnet as my static IP and my ISP's edge router address. Shields Up reports five ports of the first 1056 open, as expected. I arbitrarily opened a port (nc -l 111) and it showed up as open. So the ZOOM does not seem to be blocking anything. – Jan Steinman – 2012-10-08T21:07:50.780
Forget ports; what IP address did Shields Up say you're using? "I get a public DHCP address that is on the same Class C subnet as my static IP and my ISP's edge router address" - What is this "static IP"?? Is this the same public addr as the "DLink router translates my fixed IP"? Is your ISP handing out a dynamic IP address and your site has a static IP address? You wrote that the Zoom's "default web configuration IP address (192.168.1.1) doesn't work" w/o any details. Did you disconnect the phone line, use a static IP addr on the PC (e.g. 192.168.1.99), or even reset the modem? – sawdust – 2012-10-09T00:33:57.820
Shields Up reported 22, 80, 88, 548, and 646 as open -- all as expected, due to services I'm running. We have a static IP and our ISP will hand out up to five additional dynamic IPs in the same subnet. – Jan Steinman – 2012-10-09T18:38:44.513
In any event, I consider this case closed. (See the <b>UPDATE</b> at the end of my edited question.) I'm still not able to print, but I've sent all my MAC addresses to my ISP, who will make sure their DHCP-assigned addresses are in the same subnet as my static IP. – Jan Steinman – 2012-10-09T18:43:50.727