вопрос в том, что до CISCO и от CISCO большой пинг
от CISCO к клиенту:
Sending 5, 100-byte ICMP Echos to 172.20.128.53, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/65/116 msОт клиента к CISCO:
Обмен пакетами с 172.20.128.1 по 32 байт:
Ответ от 172.20.128.1: число байт=32 время=179мс TTL=255
Ответ от 172.20.128.1: число байт=32 время=53мс TTL=255
Ответ от 172.20.128.1: число байт=32 время=39мс TTL=255
Ответ от 172.20.128.1: число байт=32 время=34мс TTL=255
Народ жалуется,что связь с внешним миром стала плохой ..
CIsco вроде сильно не загружено:
CPU utilization for five seconds: 40%/12%; one minute: 43%; five minutes: 44%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
71 173821376 334483122 519 27.85% 29.04% 29.25% 0 IP Input
183 81792 4873212 16 0.32% 0.40% 0.40% 0 traffic_shape
181 299404 13626094 21 0.32% 0.28% 0.25% 0 IP NAT Ager
180 114596 2637489 43 0.16% 0.08% 0.08% 0 IP VFR proc
2 10928 1122272 9 0.08% 0.03% 0.02% 0 Load Meter
112 41836 11262531 3 0.08% 0.04% 0.02% 0 DHCPD Receive
Просьба помочь, раньше пинг от 1 до 8 был.
конфигурация cisco:
Building configuration...
Current configuration : 6685 bytes
version 12.4
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname c2800-gw
boot-start-marker
boot-end-marker
logging buffered 4096 debugging
enable secret 5 $1$c1iG$ckzQkGU5WNqNmlRQ3QMQL/
enable password 7 145E1C0E02007E3D3D7E233936104D5E
aaa new-model
aaa authentication login default local group tacacs+ enable
aaa authentication enable default enable group tacacs+
aaa authorization exec default local group tacacs+ if-authenticated
aaa authorization commands 15 default local group tacacs+ if-authenticated
aaa accounting commands 0 default stop-only group tacacs+
aaa accounting commands 7 default stop-only group tacacs+
aaa accounting commands 15 default stop-only group tacacs+
aaa session-id common
resource policy
clock timezone RU+5UTC 5
clock summer-time RU+5UTC recurring last Sun Mar 2:00 last Sun Oct 3:00
errdisable recovery interval 120
ip subnet-zero
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 172.20.136.1
ip dhcp excluded-address 172.20.136.2 172.20.136.32
ip dhcp excluded-address 172.20.136.92 172.20.136.255
ip dhcp excluded-address 172.20.128.1
ip dhcp excluded-address 172.20.128.2
ip dhcp excluded-address 172.20.128.3
ip dhcp excluded-address 172.20.128.4
ip dhcp excluded-address 91.143.52.34
ip dhcp excluded-address 91.143.48.42
!
ip dhcp pool 220-2-1
host 172.20.136.33 255.255.252.0
client-identifier 0100.1921.4c05.f4
default-router 172.20.136.1
dns-server 172.20.128.2 91.143.52.34 91.143.48.42
domain-name gb.local
client-name ws02r01l220s01.gb.local
lease 30
!
no ip bootp server
no ip domain lookup
ip name-server 91.143.52.34
ip name-server 91.143.48.42
login on-failure log
login on-success log
username gonakav privilege 15 password 7 023F105F3612433555571A08
username _deejayyug privilege 15 password 7 1251221F100F180A182D3604273E245A
username lv privilege 15 password 7 1151405745445E5D
archive
log config
logging enable
notify syslog
hidekeys
!
interface FastEthernet0/0
description -- LAN
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
no snmp trap link-status
no cdp enable
!
interface FastEthernet0/0.1
description -- LAN inet pool
encapsulation dot1Q 1 native
ip address 172.20.128.1 255.255.252.0 secondary
ip address 192.168.0.1 255.255.254.0
ip nat inside
ip virtual-reassembly
no ip route-cache
no snmp trap link-status
traffic-shape rate 4096000 256000 256000 1024
no cdp enable
!
interface FastEthernet0/0.2
description Readers inet pool
encapsulation dot1Q 2
ip address 172.20.136.1 255.255.252.0
ip nat inside
ip virtual-reassembly
no ip route-cache
no snmp trap link-status
traffic-shape rate 4096000 256000 256000 1024
no cdp enable
!
interface FastEthernet0/1
description -- GW
ip address 91.143.54.170 255.255.255.248
ip access-group WAN in
ip access-group WAN out
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
no snmp trap link-status
no cdp enable
!
ip default-gateway 91.143.54.169
ip classless
ip route 0.0.0.0 0.0.0.0 91.143.54.169
!
no ip http server
no ip http secure-server
ip nat pool inet_pool 91.143.54.170 91.143.54.170 netmask 255.255.255.252
ip nat inside source list new_users_inet_pool pool inet_pool overload
ip nat inside source list readers_inet_136 pool inet_pool overload
ip nat inside source list readers_inet_pool pool inet_pool overload
ip nat inside source list users_inet_pool pool inet_pool overload
!
ip access-list standard TELNET
permit 192.168.0.62
permit 192.168.0.20
permit 91.143.52.10
ip access-list standard new_users_inet_pool
permit 172.20.128.0 0.0.3.255
ip access-list standard readers_inet_136
permit 172.20.136.0 0.0.3.255
ip access-list standard readers_inet_pool
permit 10.0.0.0 0.0.0.255
ip access-list standard users_inet_pool
permit 192.168.0.0 0.0.1.255
!
ip access-list extended WAN
deny ip 10.0.0.0 0.255.255.255 any log
deny ip 192.168.0.0 0.0.255.255 any log
deny ip 172.16.0.0 0.15.255.255 any log
deny udp any any eq snmp log
permit ip any any
!
logging origin-id hostname
logging facility local0
snmp-server community )nend4vy6pltc*( RO TELNET
snmp-server location MUK GB, Nefteyugansk, Russia
snmp-server contact Gonak Anton V.
snmp-server enable traps tty
no cdp run
!
control-plane
!
line con 0
logging synchronous
transport preferred none
line aux 0
line vty 0 4
access-class TELNET in
exec-timeout 60 0
password 7 003D0702394F471216385F5F
logging synchronous
transport preferred none
transport input telnet ssh
transport output telnet ssh
line vty 5 15
access-class TELNET in
exec-timeout 60 0
password 7 0532120B1C58021D001C0403
logging synchronous
transport preferred none
transport input telnet ssh
transport output telnet ssh
!
scheduler allocate 20000 1000
!
end