Cisco 2514 initial LAG when connecting

[andrew4728]

Hey all, I just got my cisco 2514, and using some information and SH CONFs posted about this forum, I've successfully got the router up and working through my cable provider. DHCP seems to be working just fine and all connections are working.

my problem is when I ping a site, the first ping FAILS and the rest succeed. this occurs when I ping from the router, or from a PC plugged in. When I browse the web, webpages seem to get stuck at first, and then BAM they come up.

My setup =
CABLE <-> 2514 <-> Linksys befsr41 <-> computer1

I have DHCP turned off on the befsr41 and no WAN connection plugged into it.. I'm just using it for the built in switch (until my new switch arrives).

here is an example from the router :

R2#ping google.com
Translating "g(68.13.X.Y) [OK]

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 216.239.37.99, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 68/71/76 ms

This occurs with yahoo.com and many others as well..

My running config =

!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname "R2"
!
enable secret
enable password
!
ip subnet-zero
ip name-server 68.13.X.Y
ip name-server 68.13.X.Z
!
ip dhcp pool client
import all
network 192.168.1.0 255.255.255.0
dns-server 68.13.X.Y
default-router 192.168.1.2
!
!
!
!
interface Ethernet0
description CABLE MODEM
ip address dhcp client-id Ethernet0
ip nat outside
no ip mroute-cache
no cdp enable
no mop enabled
!
interface Ethernet1
description LAN SWITCH
ip address 192.168.1.2 255.255.255.0
ip nat inside
no ip mroute-cache
no cdp enable
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
!
ip nat inside source list 101 interface Ethernet0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0
no ip http server
!
!
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
!
line con 0
line aux 0
line vty 0 4
password
login
!
end

Keep in mind, I am quite new with Cisco and working on my CCNA. Is there anything that is incorrectly entered or not needed above? Any obvious reasons why my network connectivity has the initial lag? Thank you very much!

 

[rburke]

It may be a DNS issue or a problem with your upstream provider. I don't see anything that would be casuing it in your configs.

Try to ping a IP address instead of using DNS to look one up. Try pinging one of Yahoo's IP: 216.109.127.29, 216.109.127.30, 66.94.234.13, 66.218.71.198, or 216.109.127.28.

Also once you ping google.com or yahoo.com have you tried pinging it again right away to see if that initial lag is there?

Let us know what happens.

Burke

 

[andrew4728]

Yea, I forgot to mention (sorry)
pinging by ip works just fine.. and once I ping yahoo.com, if I ping it a second time it goes through just fine.
If I plug my linksys router in alone without the cisco, I have no problems, all pings fast...

 

[rburke]

Ok, I think the problme might be that since you are on a cable network and not a point-to-point Ethernet then the "ip route 0.0.0.0 0.0.0.0 Ethernet0" may be causing the single timeout. Reason being that when it is trying to route out Ethernet0 it has to look for the gateway versus just sending the packet straight to it. Although that configuration should work just fine.. I guess it matters on the ISPs equipment and load.

Anyways, I can't remember the exact command but but I believe it is something like "show dhcp lease detail" or "show ip dhcp lease detail" and that should give you all the information including the DHCP default gateway for hte current lease that you hold on Ethernet0 from the ISP. Then all you need to do is change the "ip route 0.0.0.0 0.0.0.0 Ethernet0" to "iproute 0.0.0.0 0.0.0.0 x.x.x.x" where x.x.x.x is that default gateway for your lease.

This isn't the best way to configure it because if your ISP ever changes your IP block then you might have to change your route statement, but obviously the current way is causing that lag blip.

That would be my suggestion, let me know if you have any questions.

Burke

 

[floryklf]

Whenever you see the 1st ping drop and the following 4 succeed AND when you can repeat the ping to the same target and all 5 pings now return successfully, you are NOT experiencing a problem. What is happening is the router must use ARP to determine the Layer 2 destination address before it can send the first ping. The ARP action can often comsume enough of time to cause the ping to timout. When the router finally receives an ARP reply, it caches the ARP information in memory so that when you repeat the ping process the router can pull the layer 2 destination address from its own ARP cache which is much speedier then going through the ARP process over the network connections. That's why all 5 of the second round of pings happen ok.

 

[andrew4728]

Thank you both for the great responses!
I am at work now, but when I get home I am going to mess around with it some more.. will definately let ya know how it's going.. Thanks again!

I was using Ethereal (packet sniffer) on the computer to troubleshoot it as well, and didn't notice any ARP requests. When pinging from the computer, I see DNS request to my dns server, a dns response with the IP Address, a ping request, another ping request, a reply, request, reply, request, and a last reply..

the ping times are the same as when I'm plugged into the linksys also.

Of course, being on a switch, the only traffic the sniffer will see is going to be sent specifically to my machine, broadcasted, or multicasted.. (if I understand it correctly)

If the router didn't know the ip of yahoo.com, would it send an ARP request over the local lan ? or to my ISP?
I'm still noobish
thanks

 

[rburke]

Well when you say you want to go to Yahoo.com your PC then does a DNS request and once the IP comes back it looks at the IP. If the IP is on the local subnet then it will send out an ARP request for the MAC address of that IP.

BUT in your case the IP is not on the local subnet so your PC ARPs for its default gateway (192.168.1.2 - Ethernet1) and then forwards the request to it. When the router recieves it, then it looks at its routing tables and sees what the next hop IP is (the DHCP gateway handed to the router by the ISP). Since that is going to be on the same subnet as your Ethernet0 IP then it does another ARP request to get its Layer 2 address to forward it to.

This is where I think the problem lies, as I said in my last post. Becuase your default route just points the packet out the Ethernet0 interface and not a specific IP address to ARP for, then it requires more boradcasts for the gateway. If one of the responding machines is loaded down or not responding quick enough then it could lead to that small lag. Then all the subsequent packets already have the ARP addresses in cache and work fine.

That is my hypothesis... We'll see what happens. Let us know.

Burke

 

[andrew4728]

You guys rock!
I changed the "ip route 0.0.0.0 0.0.0.0 Ethernet0" to "iproute 0.0.0.0 0.0.0.0 68.12.x.x" (my default gateway) and the lag seems to have disappeared..
webpages loading instantly, pings all replying..

I really appreciate your help all!

I'm having a fun @zz time learning this!

 

[rburke]

Glad to hear it. Let us know if you have any other questions. I learned the same way you are. One day I just bought a few 2501's and loved it so much that I went on to buy a whole lab (over time) and passed my CCNA with a 950. Right now I'm working on my CCNP and CCSP. Plus I love helping out others.

Burke