Solved: RV130W 100% CPU usage

rossini · ‎03-22-2017

I am experiencing some problems with the RV130W Wireless-N VPN Firewall related to its performance.

The router doesn´t have any special configuration, about 20 computers connected to it through Switch LAN and about 10 cell phone connected through its WLAN.

Some times the internet and the LAN connection turn out to be very lazy and its log register 100% of CPU loading like the image below:

I try my best, but do not succed on discover the reasons this is happening.

There is no site-to-site ipsec VPN, QoS or PPPoE configuration, just the DHCP server enabled.

cbjwthwm · ‎03-23-2017

Enabling the QoS bandwidth management and setting it to the speeds of your connection seems to help with this type of stability issue, and I noticed that it seems to fix latency issues this router has when wifi is loaded heavily.

The speed of the wifi (download rate from client connections, which is usually most problematic vs upload) also seems to be more stable when WPA2-Personal Mixed is selected, even if you don't want anything to use TKIP (which limits connections at G rates) vs AES. I found a similar stability issue on Netgear's FVS318N with its latest firmware, which is a similar router using the same single core Cavium CPU platform.

My theory on the QoS settings improving latency (and often fixing SSL browsing issues) used to be that it somehow improved the router's ability to multitask its routing and access point functions, but I have have some new ideas after testing with a 150Mb WAN connection recently. With the default MTU (other users claim changing the WAN MTU to 1380 also improves SSL certificate issues) and QoS off, the connection would test out at 175Mb as this ISP normally over-delivers on their WAN speeds.

When I enabled QoS and retested, the WAN speed capped at 120Mb. Considering this router is rated for 800Mb WAN to LAN throughput, I believe what's happening is that the hardware NAT type acceleration is disabled when QoS is enabled (a common scenario with routers). This would point to the hardware NAT support as being the buggy portion of Cisco's firmware re: SSL issues.

To continue testing that theory, I disabled QoS and changed the WAN MTU to 1380 and speeds again dropped to 145Mb. I'm not sure whether the hardware NAT is disabled in that scenario or not, but the performance cap versus is 800Mb rating makes it appear the router is losing some acceleration features when that setting is modified, as the drop seems too much to attribute to fragmentation from the lower MTU etc.

View solution in original post

cbjwthwm · ‎03-23-2017

Enabling the QoS bandwidth management and setting it to the speeds of your connection seems to help with this type of stability issue, and I noticed that it seems to fix latency issues this router has when wifi is loaded heavily.

The speed of the wifi (download rate from client connections, which is usually most problematic vs upload) also seems to be more stable when WPA2-Personal Mixed is selected, even if you don't want anything to use TKIP (which limits connections at G rates) vs AES. I found a similar stability issue on Netgear's FVS318N with its latest firmware, which is a similar router using the same single core Cavium CPU platform.

My theory on the QoS settings improving latency (and often fixing SSL browsing issues) used to be that it somehow improved the router's ability to multitask its routing and access point functions, but I have have some new ideas after testing with a 150Mb WAN connection recently. With the default MTU (other users claim changing the WAN MTU to 1380 also improves SSL certificate issues) and QoS off, the connection would test out at 175Mb as this ISP normally over-delivers on their WAN speeds.

When I enabled QoS and retested, the WAN speed capped at 120Mb. Considering this router is rated for 800Mb WAN to LAN throughput, I believe what's happening is that the hardware NAT type acceleration is disabled when QoS is enabled (a common scenario with routers). This would point to the hardware NAT support as being the buggy portion of Cisco's firmware re: SSL issues.

To continue testing that theory, I disabled QoS and changed the WAN MTU to 1380 and speeds again dropped to 145Mb. I'm not sure whether the hardware NAT is disabled in that scenario or not, but the performance cap versus is 800Mb rating makes it appear the router is losing some acceleration features when that setting is modified, as the drop seems too much to attribute to fragmentation from the lower MTU etc.

cbjwthwm · ‎04-27-2017

I just tested the new 1.0.3.28 firmware that was released today. There are no release notes yet, but the wifi performance seems to be vastly improved and I haven't been able to trigger any severe transfer rate or CPU loading / latency issues as with previous firmware versions. I did my testing with an in-place config upgrade without resetting to defaults etc.

I can still easily trigger an issue with https type sites though, by making a connection to a computer using Logmein's remote services. With bandwidth management disabled, encrypted connections (I believe they use 256-bit AES) always fail to initiate a remote session. Since the setting can be enabled and disabled on the fly, disabling it instantly fixes the issue initiating the encrypted remote session. I was testing with the external client making connections within Firefox, whereas other browsers such as IE sometimes initiate the connection in the browser without using the external client app.

Considering my earlier theory about the custom WAN MTU and bandwidth management both showing bandwidth caps (thus possibly disabling hardware NAT), I tried leaving bandwidth management disabled and only changing to a custom WAN MTU of 1380--but the sessions still failed to initiate. The https issues seem to be directly related to whatever portion of the router is being disabled or changes operation when bandwidth management is enabled.

cbjwthwm · ‎05-04-2017

Today I backed up this router's configuration, reset it to defaults and restored the backup without doing any other configuration. The repeatable issue described above (of toggling bandwidth management on and off to fix initialization of connections to encrypted Logmein sessions) appears to have been resolved.

I would recommend that anyone updating to firmware 1.0.3.28 backup their old configuration and restore it into a default state to get the full benefits of the new bug fixes.

Release notes for this new firmware are still not yet available in the usual area:

http://www.cisco.com/c/en/us/support/routers/small-business-rv-series-routers/products-release-notes-list.html

amargupt · ‎03-27-2017

Hi,

Would you please share the firmware details ?

might be it is also related to DHCP spoofing, please check the logs and verify the MAC address of verify client.

thank you

Amar Gupta

cbjwthwm · ‎03-28-2017

All of the speed testing was done with a RV130 on the latest firmware, reset to defaults with a DHCP connection on the WAN.

In my testing where I isolated combinations of wireless symptoms and workarounds, I used the far more problematic RV130W running the latest firmware with the DHCP server disabled, since my server provides DHCP. It doesn't have much customization and is only used as a gateway with no DNS proxy or DHCP services enabled.

My own connection is only 60Mb, so I couldn't test my theories about the workaround methods disabling hardware NAT type functions so I confirmed it on a connection that would scale to 175-180Mb.

rossini · ‎03-29-2017

Hi cbjwthwm,

I will try do some test with de DHCP disabled, using the servico from WAN device to check your advice.

Thanks.

rossini · ‎03-29-2017

Hi Amar Gupta,

recently I update the firmware. It's version is 1.0.3.22, Device Model: RV130W, PID VID: RV130W-A V01.

I'm checking all MAC address and seaching for some potencial untrusted DHCP server.

Thanks.

rossini · ‎03-29-2017

Hi cbjwthwm, thank you for your attention.

Well, I set the QoS bandwidth management as you suggest, lets see if the router gets better. I also set the wireless security mode to WPA2-Personal Mixed, it was just WPA2-Personal previously.

About the rest of yours advices, I'm also trying some configurations to find out the problem.

Thanks.

rossini · ‎03-31-2017

Recently, there are a lot of PPPoE related message in log like showed below.

But the router doesn´t heve this configuration, it just have a static IP to connect to the device with de PPPoE role. It's static WAN IP is 192.168.1.2.

2010-01-01 00:00:07 RV130W kern.warning [kernel mode] CNS3XXX_ARL_TABLE_ADD
2010-01-01 00:00:07 RV130W kern.warning pppoe_device_event: dev=a44f5800, devname=br0, event=5
2010-01-01 00:00:07 RV130W kern.warning pppoe_device_event: dev=a44c3800, devname=vlan1, event=8
2010-01-01 00:00:07 RV130W kern.warning pppoe_device_event: dev=a44f5800, devname=br0, event=8
2010-01-01 00:00:07 RV130W kern.warning pppoe_device_event: dev=a44c3800, devname=vlan1, event=13
2010-01-01 00:00:07 RV130W kern.warning pppoe_device_event: dev=a44c3800, devname=vlan1, event=1
2010-01-01 00:00:07 RV130W kern.warning pppoe_device_event: dev=a44f5800, devname=br0, event=13
2010-01-01 00:00:07 RV130W kern.warning pppoe_device_event: dev=a44f5800, devname=br0, event=1
2010-01-01 00:00:07 RV130W kern.warning pppoe_device_event: dev=a44c3800, devname=vlan1, event=4
2010-01-01 00:00:07 RV130W kern.warning pppoe_device_event: dev=a79f2c00, devname=eth3, event=13
2010-01-01 00:00:07 RV130W kern.warning pppoe_device_event: dev=a79f2c00, devname=eth3, event=1
2010-01-01 00:00:08 RV130W kern.warning pppoe_device_event: dev=a44e5800, devname=wl0.1, event=5
2010-01-01 00:00:08 RV130W kern.warning pppoe_device_event: dev=a44ee000, devname=wl0.2, event=5
2010-01-01 00:00:08 RV130W kern.warning pppoe_device_event: dev=a44ef000, devname=wl0.3, event=5
2010-01-01 00:00:09 RV130W kern.warning COEX: downgraded chanspec 0x1808 to 0x1006: channel 3 used by exiting BSSs
2010-01-01 00:00:09 RV130W kern.warning pppoe_device_event: dev=a44e5800, devname=wl0.1, event=13
2010-01-01 00:00:09 RV130W kern.warning pppoe_device_event: dev=a44e5800, devname=wl0.1, event=1
2010-01-01 00:00:10 RV130W kern.warning pppoe_device_event: dev=a44ee000, devname=wl0.2, event=13
2010-01-01 00:00:10 RV130W kern.warning pppoe_device_event: dev=a44ee000, devname=wl0.2, event=1
2010-01-01 00:00:10 RV130W kern.warning pppoe_device_event: dev=a44ef000, devname=wl0.3, event=13
2010-01-01 00:00:10 RV130W kern.warning pppoe_device_event: dev=a44ef000, devname=wl0.3, event=1
2010-01-01 00:00:39 RV130W kern.warning cmd 35143 is not SIOCDEVPRIVATE(35312)
2010-01-01 00:00:40 RV130W kern.warning cmd 35143 is not SIOCDEVPRIVATE(35312)
2010-01-01 00:00:41 RV130W kern.warning pppoe_device_event: dev=a7b00000, devname=eth1, event=13
2010-01-01 00:00:41 RV130W kern.warning pppoe_device_event: dev=a7b00000, devname=eth1, event=1
2010-01-01 00:00:41 RV130W kern.warning pppoe_device_event: dev=a7b00000, devname=eth1, event=4
2010-01-01 00:00:41 RV130W kern.warning pppoe_device_event: dev=a588c800, devname=vlan2, event=5
2010-01-01 00:00:41 RV130W kern.warning gsw_vlan_rx_register
2010-01-01 00:00:42 RV130W kern.warning [kernel mode] VLAN_CTRL0_REG: 80002e00
2010-01-01 00:00:42 RV130W kern.warning [kernel mode] VLAN_CTRL1_REG: 11bbcc
2010-01-01 00:00:42 RV130W kern.warning [kernel mode] VLAN_CTRL2_REG: dd800fff
2010-01-01 00:00:42 RV130W kern.warning [kernel mode] VLAN_CTRL0_REG: 88000a00
2010-01-01 00:00:42 RV130W kern.warning [kernel mode] VLAN_CTRL1_REG: 112233
2010-01-01 00:00:42 RV130W kern.warning [kernel mode] VLAN_CTRL2_REG: 55000032
2010-01-01 00:00:42 RV130W kern.warning [kernel mode] VLAN_CTRL0_REG: 88000c00
2010-01-01 00:00:42 RV130W kern.warning [kernel mode] VLAN_CTRL1_REG: 112233
2010-01-01 00:00:42 RV130W kern.warning [kernel mode] VLAN_CTRL2_REG: 55110002
2010-01-01 00:00:42 RV130W kern.warning [kernel mode] CNS3XXX_ARL_TABLE_ADD
2010-01-01 00:00:42 RV130W kern.warning pppoe_device_event: dev=a588c800, devname=vlan2, event=8
2010-01-01 00:00:42 RV130W kern.warning pppoe_device_event: dev=a588c800, devname=vlan2, event=13
2010-01-01 00:00:42 RV130W kern.warning pppoe_device_event: dev=a588c800, devname=vlan2, event=1
2010-01-01 00:00:42 RV130W kern.warning pppoe_device_event: dev=a588c800, devname=vlan2, event=9
2010-01-01 00:00:42 RV130W kern.warning pppoe_flush_dev:(294) dev=a588c800, nd_net=a042f260
2010-01-01 00:00:42 RV130W kern.warning pppoe_device_event: dev=a588c800, devname=vlan2, event=2
2010-01-01 00:00:42 RV130W kern.warning pppoe_flush_dev:(294) dev=a588c800, nd_net=a042f260
2010-01-01 00:00:42 RV130W kern.warning pppoe_device_event: dev=a588c800, devname=vlan2, event=13
2010-01-01 00:00:42 RV130W kern.warning pppoe_device_event: dev=a588c800, devname=vlan2, event=1
2010-01-01 00:00:42 RV130W kern.warning pppoe_device_event: dev=a588c800, devname=vlan2, event=4
2010-01-01 00:00:43 RV130W kern.warning pppoe_device_event: dev=a588c800, devname=vlan2, event=4
2010-01-01 00:00:54 RV130W user.err radvd[8690]: no linklocal address configured for br0
2010-01-01 00:00:54 RV130W user.err radvd[8690]: error parsing or activating the config file: /tmp/radvd.conf
2017-03-29 09:21:15 RV130W kern.warning HTB: quantum of class 100020 is small. Consider r2q change.
2017-03-29 09:21:16 RV130W kern.warning cmd 35143 is not SIOCDEVPRIVATE(35312)
2017-03-29 09:21:16 RV130W user.emerg WAN Ethernet Interface is UP, Address=192.168.1.2
2017-03-29 09:21:17 RV130W kern.warning HTB: quantum of class 100020 is small. Consider r2q change.

rossini · ‎04-03-2017

More log registered today:

2017-03-31 17:23:06 RV130W user.emerg CPU loading is 99%
2017-03-31 23:23:09 RV130W kern.warning eth3: received packet with own address as source address
2017-04-02 11:58:24 RV130W daemon.warning udhcpd[1718]: unsupported DHCP message (02) -- ignoring
2017-04-03 09:01:04 RV130W user.emerg CPU loading is 99%
2017-04-03 11:18:05 RV130W user.emerg CPU loading is 100%
2017-04-03 14:57:11 RV130W user.emerg CPU loading is 100%
2017-04-03 15:16:09 RV130W user.emerg CPU loading is 100%