Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

One Device Not Pinging???


  • Please log in to reply
13 replies to this topic

#1 K-pup

K-pup

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 10 April 2015 - 04:46 PM

Hi All, 

have a strange issue with network. 

 

I recently merged 2 sites together, updated default gateways and one device does not respond. It only responds on the old VPN connection.

 

Story

 

Site 1 <--> Site 3 - previously commissioned, connected via VPN via internet connection to the site

 

Site2 new commission merged with Site 3

 

Site 1 <----> Site2/3

 

 

Everything on the old site (3 devices) had there gateways updated to the new router, 192.168.103.1 and 2 out of the 3 devices work.

 

Legend:

Black Box: Sites

Green Box: Company Owned Equipment

Orange Box: Vendor Wan (Untouchable)

Red Box: Problematic Device

Site2 Gateway: 192.168.103.1

Site1 Gateway: 10.10.5.52

 

 

Troubleshooting: 

Server1 <-->Site2/3: Gateway = 10.10.5.52 for network 192.168.103.x

 

 

From Server1: i can ping everything, except the problematic device, 192.168.103.20

From Server2: i can ping everything from the OLD VPN that i want to disconnect (Unreliable connection)

From Server2: I can ping everything on the new WAN except the problematic device, Similar to Server1

 

From the 192.168.103.1 router, i can log into it and ping the problematic device. Its been rebooted. No resolution. 

 

Strangest Issue: SOMETIMES, ONLY SOMETIMES, you can get few pings from the problematic device on the new WAN, but then stops responding?????

 

What can the issue be?

 

 

 

 

Issue.jpg

Attached Files


Edited by K-pup, 10 April 2015 - 04:47 PM.


BC AdBot (Login to Remove)

 


#2 sflatechguy

sflatechguy

  • BC Advisor
  • 2,200 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 12 April 2015 - 10:37 AM

Were you able to ping the device before? Can you ping other devices on the network from that device?

When you try to ping it, are you using the IP address? Can you ping it using the name for that device?

Aside from ping, do any other services have issues reaching that device, or does the device have any issues connecting to other services on the network?

 

I take it those are static addresses? It could be an internal DNS issue. Check to see if there is an A or PTR record for that device on the servers.



#3 K-pup

K-pup
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 12 April 2015 - 11:17 AM

Ping.jpgWere you able to ping the device before? Can you ping other devices on the network from that device?

When you try to ping it, are you using the IP address? Can you ping it using the name for that device?

Aside from ping, do any other services have issues reaching that device, or does the device have any issues connecting to other services on the network?

 

I take it those are static addresses? It could be an internal DNS issue. Check to see if there is an A or PTR record for that device on the servers.

the device is pingable on the old VPN wan at times (when its reliable), but not on the new wan. 

the odd occasion it will ping once on the new WAN. 

the device doesn't have a interface to ping from or do diagnostics (only to login and check the settings), but from the main router gateway for the new wan, i can ping all devices and see all the devices on the network, its just not going up the vendor's WAN to the server on my main site 1. 

no issues with the device talking to other devices and sending its information up the old VPN wan to the server. 

a trace route to the device shows that it gets to the outside interface of the router gateway and then stops, yet the same trace route will get to the same interface of the router gateway and get to the device.

 

yes, they are static addresses, and i did not think of DNS issue on the server, however, any machine is having the same symptoms trying to ping that device. 

I am manually entering in a permanent route in my ip address table on any machine to get down to that network, and i can ping all devices except that one. 

 

 

and sorry i made one mistake to my visio, the ip address of the route gateway is 10.10.22.2


Edited by K-pup, 12 April 2015 - 11:19 AM.


#4 sflatechguy

sflatechguy

  • BC Advisor
  • 2,200 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 12 April 2015 - 11:41 AM

So the pings make it to the external interface of the router and then get dropped. Does the 192.168.103.20 device have some sort of firewall that might be blocking the ping packets?

 

You may want to set up a packet tracer like Wireshark and determine what is happening to those packets and make sure they are getting to the 192.168.103.0 network and aren't being dropped or mishandled by the router. The pings that do get through are show ing a bit of latency. Check the Ethernet ports, switch ports and cables to make sure there aren't any issues with the physical connections.



#5 K-pup

K-pup
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 14 April 2015 - 10:55 AM

yes, they make it to the external interface and drop when trying to go beyond. how or why is my confusion.

 

my understanding of basic networking, if the subnet is all same, which it is, and a device is trying to reach a IP not in the same address range and subnet, it goes to the gateway that it has, which is the 192.168.103.1. The gateway router then says yes i know where this packet needs to go to reach its destination and forwards it to the next router/gateway until it gets to its destination.  am i mistaken? 

 

i setup a wireshark packet tracer and capatured/saved the file of a quick ping to the device, but i am having a hard time deciphering it so far. the first ping made it through and then the rest just drop. 

 

 

the latency showing you mentioned is because i am doing a remote VPN into the site 1 and then going down the vendor WAN to site 2 and back up the pipe. that is why there is latency. 

 

i would do a port mirror of the outside and inside interface of the router gateway but that is not an option. 

 

i updated the network diagram to show the proper IP's, i messed up the router gateway outside Ip.



#6 sflatechguy

sflatechguy

  • BC Advisor
  • 2,200 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 14 April 2015 - 11:27 AM

You are essentially correct re how those packets get routed.

 

The wireshark results seem to indicate that, for some reason, the router is not forwarding the ping packets to the 192.168.103.0 LAN segment for that particular device. Check the routing table on the router, see if there is an entry for that device since you are using static addresses. I see the switch is unmanaged, but if you can access the ARP table on the switch, do that as well and check for the device's MAC address.



#7 CaveDweller2

CaveDweller2

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 14 April 2015 - 01:14 PM

Sounds like there is a binding or setting that is making it look for the old VPN first, have you redone the TCP/IP stack on the problem device? Or looked at all the properties and settings?


Hope this helps thumbup.gif

Associate in Applied Science - Network Systems Management - Trident Technical College


#8 K-pup

K-pup
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 14 April 2015 - 02:28 PM

my latest discovery is after analyzing the packets from wireshark (i haven't used this thing in like 8 years), i found that i was getting a ip checksum error so i disabled the Ip and TCP checksun offload. 

now my latest error is duplicate ACKS being seen on when i ping the device. from what i've read, it is a timing issue with the device.  this does make sense as sometimes i get a ping and sometimes i can get a bunch and then stops. 

 

still my confusion is if its pinging to the main router gateway at 192.168.103.1 without issues everytime i try it, and my PC can ping 192.168.103.1 without issues, where is the timing becoming an issue? 

 

I already looked at port speeds to confirm they are on the same speed and i would have seen this as an issue when i ping from the router gateway to the device???  

 

@sflatechguy: my routes on the router have 2 entries:

1) 10.10.5.0/24 -> gateway 10.10.22.1 (this is the vendor's WAN router on site)

the vendor wan has routes to point the 10.10.5.0/24 network to the vendor WAN that is on the network at Site1, at which my switch should forward it to the server that requested the ping (i don't think it is a switch issue up at site1) 

 

2) 0.0.0.0/0 -> gateway 10.10.22.1 for internet access

 

i don't have any IP's or anyway to get into these unmanaged-switches. my only thought is to power them off for a few minutes to reset their arp tables?

i have spanning tree enabled on the router gateway so it eliminates loops.

i can see the 192.168.103.20 problematic device in the router gateway 192.168.103.1 MAC table as well, so it knows what the device is.

 

@cavedweller2: i have looked at the properties of the device, not sure if i can able to do a tcp/ip restack, but i have power cycled the device, which i am not sure if it does the same action? when the device is responding on the OLD VPN i can post a picture of the settings in it.



#9 K-pup

K-pup
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 14 April 2015 - 03:32 PM

here is a few images from the device

 

 

Attached Files



#10 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:03:09 PM

Posted 14 April 2015 - 04:07 PM

Post the results of a route print from the problem workstation for review.



#11 K-pup

K-pup
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 14 April 2015 - 04:41 PM

the problematic device is not a computer to run the route print command from. it is a hardware of some sort, programmed by some engineer.  i am thinking the IP route image i uploaded from the unit is the only routes it has similar to route print. 

 

I'd love to be able to run a trace route or ping from the device up the chain but i can't do that either. 

So I feel like I am stuck between 2 rocks with my limited ability to troubleshoot it. 

 

I had a further look on the router gateway and i can see that the vlan of the problematic device is on the same vlan of another device so i know it can't be an issue there as well.



#12 sflatechguy

sflatechguy

  • BC Advisor
  • 2,200 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 14 April 2015 - 07:33 PM

Given the limitations of the device in terms of obtaining info from it, you may have contact whoever programmed it and find out what the problem might be.



#13 K-pup

K-pup
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:09 PM

Posted 15 April 2015 - 03:11 PM

just a thought around this. previously i was talking about how routing happens between devices and gateways etc etc, and i noticed one of the routes on the device has a different mask then it should. 

 

I've uploaded a image highlighting  the first route 0.0.0.0. Now i am not sure how or where this comes from in the device, or if it can even be changed, but i just noticed it has the mask of 255.255.255.0 or /24, however you look at it. 

If i'm not mistaken, wouldn't that stop the device from talking outside of the 192.168.103.x/24 network? 

 

I've been poking the engineer to get me connected to the device so I can be the one to go into the network setup of the device and have a peek at what they've programmed. 

 

 

Attached Files



#14 sflatechguy

sflatechguy

  • BC Advisor
  • 2,200 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 15 April 2015 - 07:32 PM

Normally the netmask for 0.0.0.0 is /0, or 0.0.0.0. That's the route essentially for anything not on your network. Not sure why yours is set to 255.255.255.0, although it's hard to tell if that's the netmask for 0.0.0.0 or the default gateway.

If that netmask were an issue, you'd have problems with more just than that one device. I think your best bet is the engineer who programmed it.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users