Strange issue involving sampling
Peering
Peering at xspedius.com
Wed Jan 18 20:09:50 UTC 2006
First, apologies if this isn't the right place, but I was hoping to hit
a lot of networking folks in one shot and this seemed like the likely
venue.
I have this problem where a customer of mine has issues getting to
secure websites (https sites like Charles Schwab's). It doesn't happen
all the time, maybe once a month or so. We went to Juniper with the
issue (we're using M-20s as our edge routers) and they couldn't figure
it out, but one of our engineers found that the config pasted below
(with proprietary info removed) fixed the problem. The only problem is
that even with this config, we have to restart the sampling daemon every
month or so because the problem will come back. Understandably, the
customer would prefer to have a more permanent solution.
Anyone have an idea why this one customer on my entire network would
have this issue? Supposedly the customer had Cisco come out and look at
their network and they couldn't find any reason for it either.
routerx# show | compare rollback 0
[edit]
- forwarding-options {
- sampling {
- input {
- family inet {
- rate 1;
- }
- }
- output {
- file filename customer.sample;
- }
- }
- }
[edit firewall]
- filter customer {
- term 1 {
- then {
- sample;
- accept;
- }
- }
- term default {
- then accept;
- }
- }
[edit interfaces ls-2/3/0 unit 3]
routerx# show
description "Customer X";
encapsulation multilink-ppp;
ml-pic-compatible;
family inet {
no-redirects;
filter {
input customer;
output customer;
}
address x.x.x.x/30;
}
Diane Turley
Sr. Network Engineer
Xspedius Communications Co.
636-625-7178
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20060118/902932da/attachment.html>
More information about the NANOG
mailing list