[61273] in North American Network Operators' Group
Re: Max TNT ping thing
daemon@ATHENA.MIT.EDU (Matthew Crocker)
Wed Aug 27 13:47:12 2003
Date: Wed, 27 Aug 2003 13:46:15 -0400
Cc: "Andy Walden" <andy@tigerteam.net>, "Geo." <georger@getinfo.net>,
"NANOG" <nanog@merit.edu>
To: "Ejay Hire" <ejay.hire@isdn.net>
From: Matthew Crocker <matthew@crocker.com>
In-Reply-To: <B0291F8CF6D74440A1175DD8E107802304B825@bnaw2kmsx01.BNA01.ISDN.NET>
Errors-To: owner-nanog-outgoing@merit.edu
On Wednesday, August 27, 2003, at 12:46 PM, Ejay Hire wrote:
>
> Here is a summary of our experiences with the bug.
>
> Last Thursday, A TNTs with years of uptime rebooted. No cause was
> apparent, and nothing relevant happened in the logs. On Friday, It
> happened to a different TNT. This occurred with increasing frequency
> over the weekend, and we didn't get a lot of sleep. We tried using a
> filter in the tnt to block port 135 and 4444 to no avail, and then
> tried
> a filter to block ICMP in the tnt also to no avail. Next, we removed
> the tnt filters and tried rate-limiting ICMP to the TNT's. That didn't
> work. Next we removed the rate-limit and applied the Cisco-supplied
> anti-nachi route-map to the upstream interfaces facing the Tnt's. This
> significantly reduced the problem, but we were still rebooting every 12
> hours or so. Disabling route-caching on the TNT stopped the rebooting
> problem, but we were seeing 40% packet loss on one of the TNTs. (Note,
> both TNT's have a Ds-3 of PRI's, and use the TNT-SL-E10-100 four port
> Ethernet cards) The packet loss was only affecting one TNT, and we
> discovered that it was running 9.0.6 while the unaffected box was
> running 9.0.9. Upgrading the box to 9.0.9 fixed the packet loss issue.
> We are currently up and haven't had any blips in 24 hours. (knock on
> wood.)
We have a Lucent APX 8000 which is essentially a TNT on steroids. We
have not experienced any of the issues. We are running TAOS 10.0.2
-Matt
