Solved: 1921/K9 Throughput - Page 2

dan.oancea · ‎09-13-2017

Hi everyone,

let me tell you a little about my network and the issue I'm having.

I have a Cisco 1921/K9 connected to the Gigabit FTTH from my ISP. From 1921/K9, I have a 2960CG with 2 trunk and 8 access ports. In the acces ports, I have an AP (Cisco 861W), a DVR, 2 NICs from my x3250 M2 server, my desktop and my gf's laptop.

With a FortiWiFi 60E, or with a FirtiGate 60E as the main router, the throughput to LAN reaches 1Gbps. With the 1921/K9, though, the throughput goes only up to 180Mbps and it's kind of disturbing, because I do not intend to use only 20% of my bandwidth, especially with the devices listed above as part of my LAN.

Bellow is the conf from 1921/K9. Could someone, please, tell me if there's any way I can increase the throughput of the router on NAT, or I'm just supposed to change the equipment?

I searched through the discussions before, searched google... nothing found about the throughput rate I'm having, nor about any resembling config.

Current configuration : 4118 bytes
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname homey-rt
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
!
!
!
ip dhcp excluded-address 10.10.1.1 10.10.1.2
ip dhcp excluded-address 10.10.1.33 10.10.1.34
ip dhcp excluded-address 10.10.1.65 10.10.1.66
ip dhcp excluded-address 10.10.1.98 10.10.1.99
!
ip dhcp pool vlan10-pool
 network 10.10.1.0 255.255.255.224
 domain-name domain.com
 dns-server 8.8.8.8 8.8.4.4
 default-router 10.10.1.1
 lease 7
!
ip dhcp pool vlan20-pool
 network 10.10.1.32 255.255.255.224
 domain-name domain.com
 dns-server 8.8.8.8 8.8.4.4
 default-router 10.10.1.33
 lease 7
!
ip dhcp pool vlan30-pool
 network 10.10.1.64 255.255.255.224
 domain-name domain.com
 dns-server 8.8.8.8 8.8.4.4
 default-router 10.10.1.65
 lease 7
!
ip dhcp pool vlan888-pool
 network 10.10.1.96 255.255.255.224
 domain-name domain.com
 dns-server 8.8.8.8 8.8.4.4
 default-router 10.10.1.98
 lease 7
!
!
!
no ip mfib
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1921/K9 sn FCZ1725713T
!
!
vtp mode transparent
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 description RDS-WAN
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip tcp adjust-mss 1452
 duplex auto
 speed auto
 pppoe enable group global
 pppoe-client dial-pool-number 1
 no cdp enable
 no mop enabled
!
interface GigabitEthernet0/1
 bandwidth qos-reference 10000000
 no ip address
 duplex auto
 speed 1000
!
interface GigabitEthernet0/1.1
 description comps
 bandwidth qos-reference 10000000
 encapsulation dot1Q 10
 ip address 10.10.1.1 255.255.255.224
 ip nat inside
 ip virtual-reassembly in
!
interface GigabitEthernet0/1.2
 description servers
 bandwidth qos-reference 10000000
 encapsulation dot1Q 20
 ip address 10.10.1.33 255.255.255.224
 ip nat inside
 ip virtual-reassembly in
!
interface GigabitEthernet0/1.3
 description dvr
 bandwidth qos-reference 10000000
 encapsulation dot1Q 244
 ip address 10.10.1.65 255.255.255.224
 ip nat inside
 ip virtual-reassembly in
!
interface GigabitEthernet0/1.4
 description management
 bandwidth qos-reference 10000000
 encapsulation dot1Q 888
 ip address 10.10.1.98 255.255.255.224
 ip nat inside
 ip virtual-reassembly in
!
interface Dialer1
 ip address negotiated
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer idle-timeout 0
 dialer load-threshold 1 either
 dialer persistent
 dialer-group 1
 ppp pap sent-username <hidden_username> password 0 <hidden_pass>
 ppp ipcp dns request accept
 ppp ipcp route default
 ppp ipcp address accept
 no cdp enable
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source list 100 interface Dialer1 overload
ip nat inside source static tcp 10.10.1.2 3389 interface Dialer1 3389
ip nat inside source static tcp 10.10.1.66 81 interface Dialer1 81
ip nat inside source static tcp 10.10.1.66 8101 interface Dialer1 8101
ip nat inside source static tcp 10.10.1.100 23 interface Dialer1 23
ip nat inside source static tcp 10.10.1.101 23 interface Dialer1 24
ip nat inside source static tcp 10.10.1.35 22 interface Dialer1 22
ip nat inside source static tcp 10.10.1.36 21 interface Dialer1 21
ip nat inside source static tcp 10.10.1.36 80 interface Dialer1 80
ip nat inside source static tcp 10.10.1.36 443 interface Dialer1 443
ip nat inside source static tcp 10.10.1.36 20 interface Dialer1 20
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 100 permit ip 10.10.1.0 0.0.0.255 any
access-list 100 permit ip any any
!
!
!
control-plane
!
!
!
line con 0
 password <hidden_pass>
 login
line aux 0
 password <hidden_pass>
 login
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 password <hidden_pass>
 login
 transport input all
!
scheduler allocate 20000 1000
!
end

Thank you for your patience,

Dan

Joseph W. Doherty · ‎07-25-2022

The 1921's 15 Mbps recommendation, is a very conservative Cisco recommendation. It tries to insure you'll not run short of CPU processing capability.

Yes, a 1921's performance capacity is very depending on your traffic mix and your config. If fact, Cisco documents the 1921 of being able to route up to 2.77 Gbps (in an ideal situation).

What you can do is check CPU loading history. If you see it bumping up against 100%, especially often and/or a high usage average, you may very well be bumping into the performance limits of that router, and if your are, it will impact your network usage.

BTW, using a gig interface, alone, doesn't make much of a difference beyond making it "easier" to exceed the capacity of the router.