Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2256
Views
0
Helpful
2
Replies

Enabling IPv6 inspect rule results in very slow downloads

Go to solution
2044418Puts
Level 1
Level 1

‎10-02-2010 06:00 AM - edited ‎03-11-2019 11:49 AM

Hi,

I'm experimenting with IPv6 using a cisco 1711 running "c1700-bk9no3r2sy7-mz.124-15.T14.bin". The 1711 builds up an ipv6 over ipv4 tunnel to a tunnelbroker (Hurricane Electric) using a tunnel interface. Everything is working as it should and I'm getting 8 mbps up and down (hardware limitation on the 1711).

Until... I enable the ipv6 inspect rule. Then new downloads only reach to 1.000 - 10.000 bytes (!) per second. This is what the config looks like:

ipv6 unicast-routing
ipv6 cef
ipv6 inspect udp idle-time 15
ipv6 inspect tcp idle-time 1800
ipv6 inspect tcp finwait-time 1
ipv6 inspect tcp synwait-time 15
ipv6 inspect name TUNNEL0_OUT_CBAC icmp
ipv6 inspect name TUNNEL0_OUT_CBAC tcp
ipv6 inspect name TUNNEL0_OUT_CBAC udp
ipv6 inspect name TUNNEL0_OUT_CBAC ftp

interface Tunnel0
description Hurricane Electric IPv6 Tunnel Broker
no ip address
ipv6 address 2001:X:X:X::2/64
ipv6 enable
ipv6 traffic-filter TUNNEL0_IN_ACL in
ipv6 inspect TUNNEL0_OUT_CBAC out
tunnel source FastEthernet0
tunnel destination 216.66.84.46
tunnel mode ipv6ip

ipv6 route ::/0 2001:X:X:X::1

ipv6 access-list TUNNEL0_IN_ACL
deny ipv6 any any

CPU usage is near nothing... So I'm not overloading the router.

Anyone any idea's on why this might happen?

Thanks!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Namit Agarwal
Cisco Employee
Cisco Employee
In response to 2044418Puts

‎10-03-2010 11:23 AM

Hi,

It looks like you were hitting the bug CSCtb10776 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtb10776. Yes the version you upgraded should have the fix for this issue, as confirmed.

Regards,

Namit

View solution in original post

0 Helpful
2 Replies 2

Go to solution
2044418Puts
Level 1
Level 1

‎10-02-2010 11:50 AM

After changing from 12.4T to 12.4 mainline the problem disappeared. (124-25d). So probably a bug or something.

0 Helpful

Go to solution
Namit Agarwal
Cisco Employee
Cisco Employee
In response to 2044418Puts

‎10-03-2010 11:23 AM

Hi,

It looks like you were hitting the bug CSCtb10776 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtb10776. Yes the version you upgraded should have the fix for this issue, as confirmed.

Regards,

Namit

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card