Wireshark-users: Re: [Wireshark-users] Wireshark for layer 2 ATM traffic?
From: "Frank Bulk - iName.com" <frnkblk@xxxxxxxxx>
Date: Sat, 10 Jul 2010 16:44:38 -0500
Move to cable broadband?

Frank

-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Kok-Yong Tan
Sent: Saturday, July 10, 2010 4:42 PM
To: Community support list for Wireshark
Subject: [Wireshark-users] Wireshark for layer 2 ATM traffic?

I've got a situation where an ADSL2 modem keeps dropping connection  
every 12 to 15 days such that no layer 3 ICMP pings can pass (i.e.,  
pings to the firewall behind the ADSL2 modem don't result in any  
responses).  When this happens, the ISP insists that they can "see"  
the ADSL2 modem and "layer 2 ATM pings work fine;" just that no  
traffic seems to be flowing otherwise.  I've gone onsite when this  
happens and disconnected (but not powercycled) the firewall and  
replaced it with a test laptop connected to the ethernet wire leading  
to the ADSL2 modem and tried pinging outbound (this fails).  I've  
tried setting the laptop to both the same IP address of the (now  
disconnected) firewall and to another unused IP address in the range  
assigned to us before pinging outbound.  Neither work.  The only way  
to fix this issue is to powercycle the ADSL2 modem without  
powercycling anything else.  We've already replaced the ADSL2 modem  
once.  The ISP swears that they've switched us to a different virtual  
circuit and they insist the cabling up to the ADSL2 modem from the  
Central Office (CO) is fine.  Now, if the ethernet cable connecting  
the firewall to the ADSL2 modem were bad, swapping out the ethernet  
cable would've solved the problem.  It hasn't.  Besides, it wouldn't  
cause the ADSL2 modem to hang like that until it gets powercycled.

Now, I could install the following device and get it to automatically  
powercycle the ADSL2 modem when it can't ping out any more:

<http://www.dataprobe.com/iboot-remote-reboot.html>

However, that only addresses the symptom.  It doesn't reveal the  
cause.  (Naturally, the ISP and its CLEC is throwing its hands up and  
professing ignorance while paranoid l'il ol' me is thinking it's the  
ILEC screwing with us--I've actually caught ILEC technicians multiple  
times "in flagrante delicto" with sabotaged CLEC DSL wiring in their  
hands onsite requiring a "cease and desist" letter from attorneys to  
"fix" so this isn't an aluminium-foil hat supposition.   
Unfortunately, since I have no access to the CO nor its security  
cameras, I can't prove such a thing in this case.  But if I can at  
least provide test proof of bad equipment at the CO, that'll work for  
me.)

Question:  Can wireshark be used to get any data that would reveal  
the cause of the dropped ADSL2 connection considering no layer 3  
traffic is flowing and only layer 2 ATM traffic is (supposedly) flowing?
--
Reality Artisans, Inc.             #   Network Wrangling and Delousing
P.O. Box 565, Gracie Station       #   Apple Certified Consultant
New York, NY 10028-0019            #   Apple Consultants Network member
<http://www.realityartisans.com>   #   Apple Developer Connection member
(212) 369-4876 (Voice)             #   My PGP public key can be found  
at <https://keyserver.pgp.com>




___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
 
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe