Soho 97 Crashing/Restarting - ideas? sh stack inc.

Hi all,

Before the stack info i'd like to say I've tried a later release IOS as well but that wasn't letting me use NAT so I'm back to the early release. Everything works perfectly except once in a while the router restarts - and i don't have a smartnet contract....

Minimum process stacks: Free/Size Name 7232/12000 Init

Interrupt level stacks: Level Called Unused/Size Name 1 0 9000/9000 ADSL Dying Gasp Interrupt 4 198888 7444/9000 MPC860 CPM INTERRUPT 5 645 8828/9000 ADSL Ctrl Interrupt 7 166364 8900/9000 TIMER INTERRUPT

System was restarted by error - a SegV exception, PC 0x805926D0 SOHO97 Software (SOHO97-K9OY1-M), Version 12.2(8)YN, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) Synched to technology version 12.2(11.2u)T TAC Support:

formatting link
Wed 30-Oct-02 21:49 by ealyon (current version) Image text-base: 0x800131B0, data-base: 0x8074BDE4

Stack trace from system failure: FP: 0x80DD6638, RA: 0x805926D0 FP: 0x80DD66B0, RA: 0x80578E88 FP: 0x80DD66C8, RA: 0x80579624 FP: 0x80DD6718, RA: 0x8020ADEC FP: 0x80DD6768, RA: 0x8020B064 FP: 0x80DD6788, RA: 0x8020B1B4 FP: 0x80DD67A8, RA: 0x80139D34

*************************************************** ******* Information of Last System Crash ********** ***************************************************

thanks in advance for any responses... Steve

Reply to
Steve
Loading thread data ...

Every released IOS for the Soho9x series can do NAT/PAT. the K9OY1 images have 3DES IPsec and FW featureset. With only 32MB DRAM, 12.3(11)T can run out of memory with IPsec and aaa new-model enabled.

12.3(14)T and 12.4(1) will need 48 MB DRAM.

What was the newer IOS you've tried? What's your startup-config?

Wow, thats really old for a Soho9x, I don't think there is any older.

Reply to
Uli Link

Hi Uli - thanks for the response

Yep - first release - serving me well ;-)

Have to say its disconnecting overnight or when heavy dloading - other than that its been good as gold

Only thing I've found out is the hold-queue 100 on eth0 in a forum but this hasn't made a diff.

I had 12.3(4)T4 ---> may try to get hold of soho97-k9oy1-mz.12.3-11.T6

In any case heres run info below: And I've added the run info the 12.3(4) afterwards that I tried in case you can see the problem with NAT

(I was running 10.0.0.X internally on that one - but I did try 10.10.10.X as I am currently using - even tried the web interface with it and no joy - v. confusing.)

Building configuration...

Current configuration : 3743 bytes

!

version 12.2

no service pad

service tcp-keepalives-in

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname

!

logging count

logging buffered informational

logging console warnings

logging monitor informational

enable

!

username

ip subnet-zero

no ip source-route

ip name-server

ip name-server

ip dhcp excluded-address 10.10.10.10

!

no ip bootp server

ip inspect name myfw cuseeme timeout 3600

ip inspect name myfw ftp timeout 3600

ip inspect name myfw rcmd timeout 3600

ip inspect name myfw realaudio timeout 3600

ip inspect name myfw smtp timeout 3600

ip inspect name myfw tftp timeout 30

ip inspect name myfw udp timeout 15

ip inspect name myfw tcp timeout 3600

ip inspect name myfw h323 timeout 3600

no crypto isakmp enable

! ! ! !

interface Ethernet0

ip address 10.10.10.1 255.255.255.0

ip broadcast-address 10.10.10.255

ip access-group 122 out

ip nat inside

no ip mroute-cache

hold-queue 100 out

!

interface ATM0

no ip address

no ip mroute-cache

atm vc-per-vp 64

no atm ilmi-keepalive

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

dsl operating-mode auto

!

interface Dialer1

ip address negotiated

ip access-group 111 in

ip nat outside

ip inspect myfw out

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication

ppp chap hostname

ppp chap password

ppp pap sent-username

hold-queue 224 in

!

ip nat inside source list 102 interface Dialer1 overload

ip nat inside source static udp 10.10.10.10 6881 interface Dialer1 6881

ip nat inside source static tcp 10.10.10.10 6881 interface Dialer1 6881

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

no ip http server

!

logging 10.10.10.10

access-list 102 permit ip 10.0.0.0 0.255.255.255 any

access-list 111 permit tcp any any eq 6881

access-list 111 permit udp any any eq 6881

access-list 111 permit udp any eq isakmp any eq isakmp

access-list 111 permit gre any any

access-list 111 permit icmp any any echo-reply

access-list 111 permit icmp any any time-exceeded

access-list 111 deny icmp any any administratively-prohibited

access-list 111 deny icmp any any echo

access-list 111 deny icmp any any packet-too-big

access-list 111 deny icmp any any unreachable

access-list 111 deny icmp any any

access-list 111 deny ip any any log

access-list 111 deny ip 192.168.0.0 0.0.255.255 any log

access-list 111 deny ip 172.16.0.0 0.15.255.255 any log

access-list 111 deny ip 10.0.0.0 0.255.255.255 any log

access-list 111 deny ip 127.0.0.0 0.255.255.255 any log

access-list 111 deny ip 255.0.0.0 0.255.255.255 any log

access-list 111 deny ip 224.0.0.0 31.255.255.255 any log

access-list 111 deny ip host 0.0.0.0 any log

access-list 122 permit ip any any

dialer-list 1 protocol ip permit

!

line con 0

exec-timeout 120 0

no modem enable

stopbits 1

line aux 0

stopbits 1

line vty 0 4

exec-timeout 120 0

login local

length 0

!

scheduler max-task-time 5000

End

############################################################################ #############################

sh ver

Cisco IOS Software, SOHO97 Software (SOHO97-K9OY1-M), Version 12.3(4)T4, RELEAS

E SOFTWARE (fc2)

Technical Support:

formatting link
Copyright (c) 1986-2004 by Cisco Systems, Inc.

Compiled Thu 11-Mar-04 22:31 by eaarmas

ROM: System Bootstrap, Version 12.2(8r)YN, RELEASE SOFTWARE (fc1)

uptime is 1 hour, 47 minutes

System returned to ROM by reload

System image file is "flash:soho97-k9oy1-mz.123-4.T4.bin"

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

formatting link

If you require further assistance please contact us by sending email to

snipped-for-privacy@cisco.com.

Cisco SOHO97 (MPC857DSL) processor (revision 0x400) with 29492K/3276K bytes of m

emory.

Processor board ID AMB07440EJD (2947000950), with hardware revision 0000

CPU rev number 7

1 Ethernet interface

1 ATM interface

128K bytes of NVRAM.

8192K bytes of processor board System flash (Read/Write)

2048K bytes of processor board Web flash (Read/Write)

Configuration register is 0x2102

sh flash

System flash directory:

File Length Name/status

1 5308292 soho97-k9oy1-mz.123-4.T4.bin [5308356 bytes used, 2818108 available, 8126464 total]

8192K bytes of processor board System flash (Read/Write)

sh ru

Building configuration...

Current configuration : 3583 bytes

!

version 12.3

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname

!

boot-start-marker

boot-end-marker

!

logging count

logging buffered informational

logging console informational

logging monitor informational

enable

!

username

ip subnet-zero

ip name-server

ip name-server

ip dhcp excluded-address 10.0.0.254

ip dhcp excluded-address 10.0.0.10 10.255.255.254

!

ip dhcp pool CLIENT

import all

network 10.0.0.0 255.0.0.0

default-router 10.0.0.254

lease 0 2

! !

ip inspect name myfw cuseeme timeout 3600

ip inspect name myfw ftp timeout 3600

ip inspect name myfw rcmd timeout 3600

ip inspect name myfw realaudio timeout 3600

ip inspect name myfw smtp timeout 3600

ip inspect name myfw tftp timeout 30

ip inspect name myfw udp timeout 15

ip inspect name myfw tcp timeout 3600

ip inspect name myfw h323 timeout 3600

ip ssh break-string

no aaa new-model

! ! !

no crypto isakmp enable

! ! ! !

interface Ethernet0

ip address 10.0.0.254 255.0.0.0 secondary

ip address 10.10.10.1 255.255.255.0

ip nat inside

no ip mroute-cache

hold-queue 100 out

!

interface ATM0

no ip address

no ip mroute-cache

atm vc-per-vp 64

no atm ilmi-keepalive

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

dsl operating-mode auto

!

interface Dialer1

ip address negotiated

ip access-group 111 in

ip nat outside

ip inspect myfw out

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication

ppp chap hostname

ppp chap password

ppp pap sent-username

ppp ipcp dns request

ppp ipcp wins request

hold-queue 224 in

!

ip nat inside source list 102 interface Dialer1 overload

ip nat inside source static tcp 10.0.0.10 6881 interface Dialer1 6881

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

no ip http server

no ip http secure-server

! !

logging 10.0.0.10

access-list 23 permit 10.0.0.0 0.255.255.255

access-list 23 permit 10.10.10.0 0.0.0.255

access-list 102 permit ip 10.0.0.0 0.255.255.255 any

access-list 111 permit tcp any any eq 6881

access-list 111 permit icmp any any echo-reply

access-list 111 permit icmp any any time-exceeded

access-list 111 deny icmp any any administratively-prohibited

access-list 111 deny icmp any any echo

access-list 111 deny icmp any any packet-too-big

access-list 111 deny icmp any any unreachable

access-list 111 deny icmp any any

access-list 111 deny ip any any log

dialer-list 1 protocol ip permit

!

control-plane

! !

line con 0

exec-timeout 120 0

no modem enable

transport preferred all

transport output all

stopbits 1

line aux 0

transport preferred all

transport output all

stopbits 1

line vty 0 4

access-class 23 in

exec-timeout 120 0

login local

length 0

transport preferred all

transport input all

transport output all

!

scheduler max-task-time 5000

!

end

Reply to
Steve

must read:

access-list 102 permit ip 10.10.10.0 0.0.0.255 any

If your internal network is 10.10.10.0 mask 255.255.255.0

Reply to
Uli Link

thanks uli - did give it go - still no joy - just had to go back to 12.2

i even tried "ip any any" and a no. of variations but it just didn't like it.... everything else works fine its just NAT

going to try and find later IOS but it's going to be tricky without smartnet contract

Reply to
Steve

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.