January 20, 2005

Network outage and PIX

I ran into a really weird problem the other day. I did some maintenance the night before which involved implementing voice VLANs for our IP phones and updating the PIX OS on our, what else, Cisco PIX.

The next day we had users having many different but related problems. First, users were having issues opening Outlook and running some network applications, some of our internal web apps would not work properly, and we could not use Terminal Services to reach our Windows servers.

We started troubleshooting our network and servers and could not find any problems. We isolated servers from our network and they would work fine, but when the switch we isolated them to was reconnected to the network the problem would recur. We did many packet sniffs and did not see anything. We rolled back all of our switching configurations to no effect. We went as far as blanking our switch config, to no effect. Eventually we rolled back our PIX OS to the previous version and that resolved the issue. A very weird issue; we still have yet to find out why the PIX was causing it.

Update: After doing some research on PIX and proxy ARP at the recommendation of a co-worker, I found the following.

sysopt noproxyarp

ARP (Address Resolution Protocol) is a layer two protocol that resolves an IP address to a physical address, also called a Media Access Control (MAC) address. A host sends an ARP request asking "Who is this IP?" The device owning the IP should reply with "Hey, I am the one, here's my MAC address."

Proxy ARP refers to a gateway device, in this case, the firewall, "impersonating" an IP address and returning its own MAC address to answer an ARP request for another device.

The firewall builds a table from responses to ARP requests to map physical addresses to IP addresses. A periodic ARP function is enabled in the default configuration. The presence of entries in the ARP cache indicates that the firewall has network connectivity. The show arp command lists the entries in the ARP table. Usually, administrators do not need to manually manipulate ARP entries on the firewall. This is done only when troubleshooting or solving network connectivity problems.

The arp command is used to add a permanent entry for a host on a network. If one host is exchanged for another host with the same IP address, then the clear arp command can be used to clear the ARP cache on the PIX. Alternatively, you can wait for the duration specified with the arp timeout command to expire, and the ARP table rebuilds itself automatically with the new host information.

The sysopt noproxyarp command is used to disable Proxy ARPs on an interface from the command-line interface. By default, the PIX Firewall responds to ARP requests directed at the PIX Firewall's interface IP addresses as well as to ARP requests for any static or global address defined on the PIX Firewall interface (which are proxy ARP requests).

The sysopt noproxyarp if_name command lets you disable proxy ARP request responses on a PIX Firewall interface. However, this command does not disable (non-proxy) ARP requests on the PIX Firewall interface itself. Consequently, if you use the sysopt noproxyarp if_name command, the PIX Firewall no longer responds to ARP requests for the addresses in the static, global, and nat 0 commands for that interface but does respond to ARP requests for its interface IP addresses.

To disable Proxy ARPs on the inside interface:

sysopt noproxyarp inside

To enable Proxy ARPs on the inside interface:

no sysopt noproxyarp inside

I then looked back at the packet sniffs that I ran and saw some weird things: interfaces on my PIX responding for other networks that it was not part of (this, I believe, was due to a VLAN misconfiguration). We are going to do some more testing and some sniffs on our current version of PIX OS.
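A small model of the ARP behaviour the documentation above describes (interface address always answered, static/global/nat 0 addresses only while proxy ARP is on), plus the check a defender would run over a capture to spot the symptom seen in the sniffs: one MAC answering for several IPs, or for addresses off the segment. This is an added example, not PIX OS code or anything from the original post; the PixInterface class, the addresses and the MACs are constructed.

```python
import ipaddress
from collections import defaultdict


class PixInterface:
    """Hypothetical model of one PIX interface's ARP behaviour (not PIX OS code)."""

    def __init__(self, name, ip, mac, proxied_addrs, proxyarp=True):
        self.name = name
        self.ip = ipaddress.ip_address(ip)
        self.mac = mac
        # Addresses from static / global / nat 0 commands bound to this interface.
        self.proxied = {ipaddress.ip_address(a) for a in proxied_addrs}
        # False corresponds to "sysopt noproxyarp <name>".
        self.proxyarp = proxyarp

    def arp_reply(self, target_ip):
        """Return the MAC the PIX would answer with, or None if it stays silent."""
        target = ipaddress.ip_address(target_ip)
        if target == self.ip:
            return self.mac  # always answers for its own interface address
        if self.proxyarp and target in self.proxied:
            return self.mac  # proxy ARP for static/global/nat 0 addresses
        return None


def suspicious_arp_senders(replies, segment):
    """Group ARP replies by sender MAC; flag MACs that answer for more than
    one IP or for IPs outside the segment the capture was taken on."""
    net = ipaddress.ip_network(segment)
    by_mac = defaultdict(set)
    for sender_ip, sender_mac in replies:
        by_mac[sender_mac].add(ipaddress.ip_address(sender_ip))
    findings = {}
    for mac, ips in by_mac.items():
        off_segment = sorted(str(ip) for ip in ips if ip not in net)
        if len(ips) > 1 or off_segment:
            findings[mac] = {"ip_count": len(ips), "off_segment": off_segment}
    return findings


# Constructed sample: ARP replies captured on the inside segment 10.1.1.0/24.
SAMPLE_REPLIES = [
    ("10.1.1.20", "00:11:22:33:44:20"),  # ordinary host
    ("10.1.1.1", "00:50:56:aa:bb:01"),   # PIX inside interface address
    ("10.1.1.50", "00:50:56:aa:bb:01"),  # PIX proxy-ARPing for a static
    ("10.2.2.7", "00:50:56:aa:bb:01"),   # PIX answering for another VLAN's address
]
```

Running suspicious_arp_senders(SAMPLE_REPLIES, "10.1.1.0/24") flags only the PIX MAC, with the 10.2.2.7 answer listed as off-segment.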

Posted by locutus at 01:51 PM | Comments (0)

July 22, 2004

Sprint Major Outage in Detroit area

Sprint is having a major outage in the Detroit area. They have lost 17 DS3s. This appears to only be affecting SprintLink service. A customer of ours has DS3s and DS1s affected. As of the last update they are working on rerouting these lines. The outage has been going on for the last 3.5 hours.

Update: as of 2:30 our circuit appears to be back live.

Update 2: Sprint had an order in to place a shelf, and an SBC technician replaced the wrong shelf. Classic SBC.

Posted by locutus at 01:41 PM | Comments (0)

May 27, 2004

Broadband over Powerlines

This message is part of this thread: http://www.the-collective.net/mailinglist/pen/msg14766.html

It's not geeks vs. geeks. It's geeks vs. industrial and regulatory morass.

Picture a city with two transportation systems, one network of roads and one network of canals. Traditionally, the milkman has made his rounds in a cart, leaving bottles of milk on doorsteps as you might imagine. But the company who runs the canals sees an opportunity to compete in the milk delivery business. It's very simple, they just dump a million gallons of milk into the canal system, and install special pumps at each building to suck up the milk, filter it, and bottle it. It's completely the wrong way to do things, but it's the only way the canal company can get into the milk industry.

Any geek with a modicum of physical-layer understanding will tell you why BPL is a conceptual abortion. Power lines carry a lot of current at very high voltage, but luckily 60Hz is a low frequency. They still blast a lot of noise out, because it's not practical to shape them in such a way as to keep the interference contained. We deal with it. Any audio engineer will tell you the extreme measures it takes to keep 60Hz noise out of a recording. Certain types of measurement gear include special sampling strategies to ignore 60Hz noise which would otherwise swamp the subject signal. ULF radio transmissions use other frequencies, because 60Hz is just useless. And of course, property values are lower near large powerlines because of the potential health effects of the magnetic field. (I'm not going to get into the verifiability of those effects, simply saying that the effect on property value is real.)

All this is because powerlines are spaced several feet apart, to keep the voltage from arcing from one conductor to the other. This spacing turns them into effective antennae, happily radiating the signal that's fed into them. If aliens are going to notice Earth, it'll be from the low-frequency emanations from our power grids.

Now consider Ethernet for a moment, specifically its original incarnation, known as 10base2. The name tells us a lot, 10 is the signalling rate, in megabits per second. "base" means it's a baseband medium, that the signalling is applied directly to the wire, not used as a modulation for some sort of a carrier signal. The 2 tells us the kind of wire, 2-conductor coaxial cable. The inner conductor is used for the signal, and the outer shield keeps the noise from leaking out. This is important, because in order to achieve a useful data rate in the megabits, the spectral width of the signal is pretty huge. If not carefully contained in cabling designed for it, your LAN would obliterate radio transmissions for quite a radius. And that's just the energy produced by a little network card, intended to go a few hundred feet through cable.

Now consider DSL and cable modems. Each of these technologies uses modulation to shift the baseband data up into another part of the radio spectrum. DSL uses the same twisted pair that carries POTS, but since voice only uses about 4 kHz of bandwidth, they put the data starting just above 4 kHz, and let it run up to about 2.2 MHz. (Different DSL flavors split the spectrum differently between upstream and downstream directions.) Sending a balanced signal down twisted pair also keeps the noise in check, so you can run several DSL circuits in the same binder and they don't interfere with each other very much. Cable modems use a similar technique, but since their cable is already carrying TV signals, they use different bits of the spectrum for it. The trick here is that the cable network is a bus architecture, and each modem's upstream transmissions have to be strong enough to be heard at the head end. This means that careful shielding is critical. A noisy cable amplifier can splatter interference all over, causing problems with any number of radio systems.

Providing a useful data rate to customers means generating a lot of RF energy, and then keeping it contained to minimize interference. Cable and DSL have their work cut out for them: simply maintain the physical network and the signal stays in the wires where it belongs. Wireless ISPs do things differently, using antennae to carefully focus their transmissions, and occasionally using filters to clean up the edges of their spectrum where the equipment might be a bit too noisy.

Broadband over powerlines does just the opposite. BPL uses a modulated signal like you might find in DSL or cable, but it blasts the signal onto a wiring system that can't possibly contain the noise. Because of the extremely poor match between the signal and the wiring, the power levels are very high just to get a useful signal at the receiver. The power lost in the middle is all noise, and it goes everywhere. The power grid acts as an antenna. There's no way to make it work cleanly and efficiently, short of replacing all the powerlines with coax or twisted pair, and at that point it won't be useful as a power grid anymore.

BPL is the wrong thing to do with data, and it's the wrong thing to do with powerlines. It happens to be the only way the electric utility can compete in the data arena, and I don't really blame them for trying. If competition for cable and DSL service were meaningful, the power grid might not be the avenue of last resort. That's a problem with regulation and monopolies, broader than I want to get into right now. The fact remains that BPL is destructive to radio spectrum and a bad idea in general. If you understand this mess, it's your responsibility to oppose BPL with every resource available to you.

-Myself-

Posted by locutus at 02:10 PM | Comments (0)