Brad, I already have acls in place blocking any traffic from the outside world. I was seeing ip's from Japan and Australia sending packets to them all regularly, but only 1 packet at a time. Every couple of minutes I am seeing these ip's denied on my ACL logs. I have not replace the chassis or the power supplies yet. We are using filters but not fine tuned on them. I will have to check further into it. I am not seeing anything logging any issues. What I may do is see who was on when it fails to see if there is a pattern. I was at first leaning to outside intervention and now after the ACL's are running and I am still seeing issues, it must be a dialup user. I do not know what to look for. I do not know what to block. I would appreciate your or anyone's ideas. We are blocking very basic things on the filters. Telnet, netbios, etc... Being of the old netserver school, Where could I learn the hyper arcs . We just have never made the switch since these have worked so well. Thank you for you response. I am pretty lost on this issue. ----- Original Message ----- From: "Brad Gass - List Account" <bradlists@mnns.com> To: "Discussion relating to the 3Com/US Robotics Total Control modem systems." <usr-tc@mailman.xmission.com> Sent: Friday, July 08, 2005 4:36 PM Subject: Re: [USR-TC] Netserver Cards
Well, you've eliminated the Netserver's themselves, what about the power supplies (dual 45A chassis or a newer red/blue label chassis with 70A or 130A supplies)?
From a software standpoint, it could be that the ethernet IP of the Netservers are the target of various worms and other malicious zombies out there, or the traffic passing through it from dial clients (likely infested) is somehow giving the cards fits.
You should be able to "hide" the Netserver's ethernet IP from the Internet as a whole using access controls at your border router. In other words, the Netserver itself need not be reachable from the entire Internet (or at least have it's access severely limited), although client IP's still would be fully reachable (but it would break external traceroutes in the case of a routed block environment).
In the case of client traffic breaking it, you could try individual ingress/egress filters on them if you don't already to see if it helps the issue.
As a last-ditch effort, you could probably replace the Netserver with a HiperARC to get a substantially newer hardware and software platform.
Brad
Ross Cornett wrote:
IS anyone having trouble with Netserver cards locking up. Have 15 in my network and at least half of them have started this about 2 months ago. Have to reboot them. I have replaced them. I have reconfigured them. I really could use some help.
Ross
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc