Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-users: [Wireshark-users] Wireshark for layer 2 ATM traffic?

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Kok-Yong Tan <ktan@xxxxxxxxxxxxxxxxxxx>
Date: Sat, 10 Jul 2010 17:41:33 -0400
I've got a situation where an ADSL2 modem keeps dropping connection every 12 to 15 days such that no layer 3 ICMP pings can pass (i.e., pings to the firewall behind the ADSL2 modem don't result in any responses). When this happens, the ISP insists that they can "see" the ADSL2 modem and "layer 2 ATM pings work fine;" just that no traffic seems to be flowing otherwise. I've gone onsite when this happens and disconnected (but not powercycled) the firewall and replaced it with a test laptop connected to the ethernet wire leading to the ADSL2 modem and tried pinging outbound (this fails). I've tried setting the laptop to both the same IP address of the (now disconnected) firewall and to another unused IP address in the range assigned to us before pinging outbound. Neither work. The only way to fix this issue is to powercycle the ADSL2 modem without powercycling anything else. We've already replaced the ADSL2 modem once. The ISP swears that they've switched us to a different virtual circuit and they insist the cabling up to the ADSL2 modem from the Central Office (CO) is fine. Now, if the ethernet cable connecting the firewall to the ADSL2 modem were bad, swapping out the ethernet cable would've solved the problem. It hasn't. Besides, it wouldn't cause the ADSL2 modem to hang like that until it gets powercycled.
Now, I could install the following device and get it to automatically powercycle the ADSL2 modem when it can't ping out any more: 

<http://www.dataprobe.com/iboot-remote-reboot.html>
However, that only addresses the symptom. It doesn't reveal the cause. (Naturally, the ISP and its CLEC is throwing its hands up and professing ignorance while paranoid l'il ol' me is thinking it's the ILEC screwing with us--I've actually caught ILEC technicians multiple times "in flagrante delicto" with sabotaged CLEC DSL wiring in their hands onsite requiring a "cease and desist" letter from attorneys to "fix" so this isn't an aluminium-foil hat supposition. Unfortunately, since I have no access to the CO nor its security cameras, I can't prove such a thing in this case. But if I can at least provide test proof of bad equipment at the CO, that'll work for me.)
Question: Can wireshark be used to get any data that would reveal the cause of the dropped ADSL2 connection considering no layer 3 traffic is flowing and only layer 2 ATM traffic is (supposedly) flowing? 
--
Reality Artisans, Inc.             #   Network Wrangling and Delousing
P.O. Box 565, Gracie Station       #   Apple Certified Consultant
New York, NY 10028-0019            #   Apple Consultants Network member
<http://www.realityartisans.com>   #   Apple Developer Connection member
(212) 369-4876 (Voice) # My PGP public key can be found at <https://keyserver.pgp.com>
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube