- Cisco Community
- Technology and Support
- Networking
- Routing
- Weird problem with bandwidth on C887VA
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
CEF affected when used with NVI (ip nat enable) on C887VA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-01-2011 10:22 AM - edited 03-04-2019 02:29 PM
I'm scratching my head second day now trying to find out what the problem here is.
Basically I have a Cisco 887VA router and VDSL service - 40Mbps/10Mbps
External IP address in all examples below is: 111.111.111.111 and internal LAN is 192.168.101.0/24. IOS: 15.1.4M1
My standard config looks like this:
interface Ethernet0
no ip address
!
interface Ethernet0.101
description PPPoE bridging from controller VDSL to dialer 1
encapsulation dot1Q 101
no ip redirects
pppoe-client dial-pool-number 1
!
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
switchport access vlan 10
no ip address
!
interface Vlan1
ip address 192.168.101.1 255.255.255.0
no ip redirects
ip nat enable
ip tcp adjust-mss 1452
!
interface Vlan10
no ip address
no ip redirects
!
interface Dialer1
mtu 1492
ip address 111.111.111.111 255.255.255.248
no ip redirects
no ip unreachables
ip nat enable
encapsulation ppp
load-interval 30
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname login@domain.com
ppp chap password 0 somerandompassword
ppp direction callout
ppp ipcp header-compression ack
ppp ipcp dns request accept
ppp ipcp address accept
no cdp enable
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip nat pool WAN 111.111.111.111 111.111.111.111 prefix-length 29
ip nat source list 1 pool WAN overload
!
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 1 permit 192.168.101.0 0.0.0.255
access-list 1 deny any
dialer-list 1 protocol ip permit
If I run any kind of bandwidth test or try to download a file from the Internet I get maximum 20Mbps (approx 2MB/s when downloading a file).
I started to modify my config to try to find a solution. first thing what I've done was, I created lo0 interface with public IP address and modified Dialer 1, like this:
interface Loopback0
ip address 111.111.111.111 255.255.255.255
no ip redirects
ip nat enable
!
interface Dialer1
mtu 1492
ip unnumbered Loopback0
no ip redirects
....
Well... that didn't change anything at all.
Next thing what I've done was, I assigned the same public IP to one of the VLANs (vlan 10):
interface Vlan10
ip address 111.111.111.111 255.255.255.248
no ip redirects
ip nat enable
!
interface Dialer1
mtu 1492
ip unnumbered Vlan10
no ip redirects interface
...
and... still nothing. Still stuck on 20Mbps download speed.
I have thendisconnected FastEthernet 3 which is in VLAN 10 and... SURPRISE! 40Mbps !?!
I would really appreciate if someone could explain to my the behaviour. Wy am I getting only 20Mbps with the simplest possible setup, but when I assign public IP to vlan 10 interface AND disconnect it from everything... I get full speed?
I will appreciate any suggestions and help.
- Labels:
-
Routing Protocols
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-02-2011 02:27 PM
No suggestions what could cause that weir behaviour?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2011 08:57 AM
I had some more time to look into this problem in the last couple of days and I think (please correct me if I'm wrong) that CEF is not working properly when used with ip nat enable and NVI interface and packaged get proccess switched instead of cache switched.
As soon as I reconfigured the router to use inside/outside NAT domains everything started to work fine and I got 40Mbps on the clock.
The following output is when I configured the router with inside/outside NAT domains:
router#show ip cef switching statistics feature
IPv4 CEF input features:
Feature Drop Consume Punt Punt2Host Gave route
Dialer i/f overr 0 118930 436 0 0
NAT Outside 0 0 0 202 0
Total 0 118930 436 202 0
IPv4 CEF output features:
Feature Drop Consume Punt Punt2Host New i/f
Post-routing NAT 0 0 0 203 0
Total 0 0 0 203 0
IPv4 CEF post-encap features:
Feature Drop Consume Punt Punt2Host New i/f
Total 0 0 0 0 0
IPv4 CEF for us features:
Feature Drop Consume Punt Punt2Host New i/f
Total 0 0 0 0 0
IPv4 CEF punt features:
Feature Drop Consume Punt Punt2Host New i/f
Total 0 0 0 0 0
IPv4 CEF local features:
Feature Drop Consume Punt Punt2Host Gave route
Total 0 0 0 0 0
router#show interfaces stats
Interface ATM0 is disabled
Dialer1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 453 83185 482 50551
Route cache 118945 153143393 80901 43018072
Total 119398 153226578 81383 43068623
Ethernet0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 462 94555 495 54504
Route cache 119030 156001324 80701 44657766
Total 119492 156095879 81196 44712270
FastEthernet0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 82711 44899101 119999 155373314
Route cache 0 0 0 0
Total 82711 44899101 119999 155373314
FastEthernet1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet2
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet3
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
NVI0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
Virtual-Access1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 460 83359 488 50699
Route cache 119030 153144604 80901 43018072
Total 119490 153227963 81389 43068771
Vlan1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 1235 185441 1052 230049
Route cache 80905 44306264 118936 154570023
Total 82140 44491705 119988 154800072
So as you can see only very few packes get punted to process switcheding when used inside/outside NAT domains.
This out put is from the same router configured with NVI and ip nat enable option:
router#show interfaces stats
Interface ATM0 is disabled
Dialer1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 20446 22834253 204 94710
Route cache 0 0 16984 12696305
Total 20446 22834253 17188 12791015
Ethernet0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 20455 23325455 217 95913
Route cache 9 334 16855 12917867
Total 20464 23325789 17072 13013780
FastEthernet0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 17961 13150404 20631 23150582
Route cache 0 0 0 0
Total 17961 13150404 20631 23150582
FastEthernet1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet2
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet3
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
NVI0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
Virtual-Access1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 20453 22834427 210 94858
Route cache 9 118 16984 12696305
Total 20462 22834545 17194 12791163
Vlan1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 437 67543 20630 23066203
Route cache 17317 12982730 0 0
Total 17754 13050273 20630 23066203
router#sh ip cef switching statistics feature
IPv4 CEF input features:
Feature Drop Consume Punt Punt2Host Gave route
Dialer i/f overr 0 3 20516 0 0
Total 0 3 20516 0 0
IPv4 CEF output features:
Feature Drop Consume Punt Punt2Host New i/f
Post-routing NAT 0 0 0 141 0
Total 0 0 0 141 0
IPv4 CEF post-encap features:
Feature Drop Consume Punt Punt2Host New i/f
Total 0 0 0 0 0
IPv4 CEF for us features:
Feature Drop Consume Punt Punt2Host New i/f
Total 0 0 0 0 0
IPv4 CEF punt features:
Feature Drop Consume Punt Punt2Host New i/f
Total 0 0 0 0 0
IPv4 CEF local features:
Feature Drop Consume Punt Punt2Host Gave route
Total 0 0 0 0 0
router#sh ip interface
ATM0 is administratively down, line protocol is down
Internet protocol processing disabled
Dialer1 is up, line protocol is up
Internet address is 111.111.111.111/29
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1492 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is disabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are never sent
ICMP unreachables are never sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is enabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: Stateful Inspection, Dialer i/f override, Virtual Fragment Reassembly, Virtual Fragment Reassembly After IPSec Decryption, MCI Check
Output features: Post-routing NAT NVI Output, Stateful Inspection, Dialer idle reset, Dialer idle reset
Ethernet0 is up, line protocol is up
Internet protocol processing disabled
Ethernet0.101 is up, line protocol is up
Internet protocol processing disabled
FastEthernet0 is up, line protocol is up
Internet protocol processing disabled
FastEthernet1 is down, line protocol is down
Internet protocol processing disabled
FastEthernet2 is down, line protocol is down
Internet protocol processing disabled
FastEthernet3 is down, line protocol is down
Internet protocol processing disabled
NVI0 is up, line protocol is up
Interface is unnumbered. Using address of Vlan1 (192.168.101.1)
Broadcast address is 255.255.255.255
MTU is 1514 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is disabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is disabled
IP Null turbo vector
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: MCI Check
Output features: Post-routing NAT NVI Output
Virtual-Access1 is up, line protocol is up
Peer address is 222.222.222.222
Dialer interface is Dialer1
Vlan1 is up, line protocol is up
Internet address is 192.168.101.1/24
Broadcast address is 255.255.255.255
Address determined by non-volatile memory
MTU is 1492 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are never sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: Stateful Inspection, Virtual Fragment Reassembly, Virtual Fragment Reassembly After IPSec Decryption, MCI Check, TCP Adjust MSS
Output features: Post-routing NAT NVI Output, Stateful Inspection, TCP Adjust MSS
The above shows that everything gets process switched instead of CEF.
The last output was taken from the router configured with additional interface vlan 10 (all details of that interface can be found in my firs post) with public IP address and then dial1 was borrowing it - ip unnum vlan 10: (this configuration also gives me correct bandwidth speed BUT as long as vlan 10 is down/down!?)
router#show ip int br
Interface IP-Address OK? Method Status Protocol
ATM0 unassigned YES NVRAM administratively down down
Dialer1 111.111.111.111 YES TFTP up up
Ethernet0 unassigned YES NVRAM up up
Ethernet0.101 unassigned YES unset up up
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset down down
FastEthernet2 unassigned YES unset down down
FastEthernet3 unassigned YES unset down down
NVI0 192.168.101.1 YES unset up up
Virtual-Access1 unassigned YES unset up up
Vlan1 192.168.101.1 YES NVRAM up up
Vlan10 111.111.111.111 YES manual down down
router#show interfaces stats
Interface ATM0 is disabled
Dialer1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 74 20270 82 9678
Route cache 40220 55420566 23946 8246663
Total 40294 55440836 24028 8256341
Ethernet0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 83 22542 95 10781
Route cache 40224 56385994 23911 8768267
Total 40307 56408536 24006 8779048
FastEthernet0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 24890 8885419 40477 56132918
Route cache 0 0 0 0
Total 24890 8885419 40477 56132918
FastEthernet1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet2
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
FastEthernet3
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
NVI0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
Virtual-Access1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 81 20442 88 9826
Route cache 40224 55420618 23946 8246663
Total 40305 55441060 24034 8256489
Vlan1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 618 96031 142 29306
Route cache 24063 8664885 40331 55923726
Total 24681 8760916 40473 55953032
Vlan10
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
router#show ip cef switching statistics feature
IPv4 CEF input features:
Feature Drop Consume Punt Punt2Host Gave route
Dialer i/f overr 0 41110 88 0 0
Total 0 41110 88 0 0
IPv4 CEF output features:
Feature Drop Consume Punt Punt2Host New i/f
Post-routing NAT 0 0 0 251 41240
Total 0 0 0 251 41240
IPv4 CEF post-encap features:
Feature Drop Consume Punt Punt2Host New i/f
Total 0 0 0 0 0
IPv4 CEF for us features:
Feature Drop Consume Punt Punt2Host New i/f
Total 0 0 0 0 0
IPv4 CEF punt features:
Feature Drop Consume Punt Punt2Host New i/f
Total 0 0 0 0 0
IPv4 CEF local features:
Feature Drop Consume Punt Punt2Host Gave route
Total 0 0 0 0 0
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
