1. Home
  2. Cisco Systems
  3. Problem with 2 private subnets on Cisco 3640

Problem with 2 private subnets on Cisco 3640

I have a 3640 with 2 fastethernet cards for 2 private networks (192.168.0.0, 192.168.1.0). I am able to access most computers across the router with no problem. But, there seems to be some problems when trying to access some ports. Here is the IP packet log I am getting for one such problem: Jul 31 14:20:02 1.1.1.1 65473: 3d00h: IP: s=192.168.1.43 (FastEthernet1/0), d=192.168.0.103 (FastEthernet0/1), g=192.168.0.103, len 117, forward Jul 31 14:20:02 1.1.1.1 65474: 3d00h: TCP src=4061, dst=9000, seq=299137732, ack=1787491195, win=46674 ACK PSH Jul 31 14:20:02 1.1.1.1 65475: 3d00h: IP: s=192.168.0.103 (FastEthernet0/1), d=192.168.1.43 (FastEthernet1/0), g=192.168.1.43, len 201, forward Jul 31 14:20:02 1.1.1.1 65476: 3d00h: TCP src=9000, dst=4061, seq=1787491195, ack=299137809, win=65359 ACK PSH Jul 31 14:20:02 1.1.1.1 65477: 3d00h: IP: s=192.168.1.43 (FastEthernet1/0), d=192.168.0.103 (FastEthernet0/1), g=192.168.0.103, len 40, forward Jul 31 14:20:02 1.1.1.1 65478: 3d00h: TCP src=4061, dst=9000, seq=299137809, ack=1787491356, win=46634 ACK This is all I ever get. The application then times out. Both of the cards are natted inside to a single outside card. This does not seem to be the problem since I can access other machines on other ports. Any ideas would be appreciated. Thanx

Reply to
Grimjack
Loading thread data ...

You will need to post:

  1. the router config a
  2. the output of show version
Reply to
Merv

I agree.

I had a look at the packet traces which shows a fully established TCP session with data being Acknowledged.

If you re-assemble the following as indicated by the line end indicators "_" you will be able to correlate the seq numbers with the acks. I have calculeted the next expected ack.

Cisco display the length of the whole IP packet. the TCP header is usually 40 bytes long.

Jul 31 14:20:02 1.1.1.1 65473: 3d00h: IP: s=192.168.1.43 (FastEthernet1/0), _ d=192.168.0.103 (FastEthernet0/1), g=192.168.0.103, len 117, forward Jul 31 14:20:02 1.1.1.1 65474: 3d00h: TCP src=4061, dst=9000, seq=299137732,_ ack=1787491195, win=46674 ACK PSH

299137732 + (117 - 40) = 299137809

Jul 31 14:20:02 1.1.1.1 65475: 3d00h: IP: s=192.168.0.103 (FastEthernet0/1),_ d=192.168.1.43 (FastEthernet1/0), g=192.168.1.43, len 201, forward Jul 31 14:20:02 1.1.1.1 65476: 3d00h: TCP src=9000, dst=4061, seq=1787491195, _ ack=299137809, win=65359 ACK PSH

1787491195 + (201 -40) = 1787491356

Jul 31 14:20:02 1.1.1.1 65477: 3d00h: IP: s=192.168.1.43 (FastEthernet1/0), _ d=192.168.0.103 (FastEthernet0/1), g=192.168.0.103, len 40, forward Jul 31 14:20:02 1.1.1.1 65478: 3d00h: TCP src=4061, dst=9000, seq=299137809,_ ack=1787491356, win=46634 ACK

Reply to
anybody43

I agree.

I had a look at the packet traces which shows a fully established TCP session with data being Acknowledged.

If you re-assemble the following as indicated by the line end indicators "_" you will be able to correlate the seq numbers with the acks. I have calculeted the next expected ack.

Cisco display the length of the whole IP packet. the TCP header is usually 40 bytes long.

Jul 31 14:20:02 1.1.1.1 65473: 3d00h: IP: s=192.168.1.43 (FastEthernet1/0), _ d=192.168.0.103 (FastEthernet0/1), g=192.168.0.103, len 117, forward Jul 31 14:20:02 1.1.1.1 65474: 3d00h: TCP src=4061, dst=9000, seq=299137732,_ ack=1787491195, win=46674 ACK PSH

299137732 + (117 - 40) = 299137809

Jul 31 14:20:02 1.1.1.1 65475: 3d00h: IP: s=192.168.0.103 (FastEthernet0/1),_ d=192.168.1.43 (FastEthernet1/0), g=192.168.1.43, len 201, forward Jul 31 14:20:02 1.1.1.1 65476: 3d00h: TCP src=9000, dst=4061, seq=1787491195, _ ack=299137809, win=65359 ACK PSH

1787491195 + (201 -40) = 1787491356

Jul 31 14:20:02 1.1.1.1 65477: 3d00h: IP: s=192.168.1.43 (FastEthernet1/0), _ d=192.168.0.103 (FastEthernet0/1), g=192.168.0.103, len 40, forward Jul 31 14:20:02 1.1.1.1 65478: 3d00h: TCP src=4061, dst=9000, seq=299137809,_ ack=1787491356, win=46634 ACK

Reply to
anybody43

What I menat to say was - It looks like it is all working OK. Maybe your app is broken?

Reply to
anybody43

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.