cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1182
Views
5
Helpful
3
Replies

Cisco 800 series - Slow internet?

BurakOzkan
Level 1
Level 1

Hi everyone,

So recently our company has purchased a Cisco C881. I've loaded CP Express on it just in case because I'm still learning to work with the CLI. I've configured a static WAN interface (fixed speed at 100Mbps Full Duplex) just like on our old router. Static DNS, IP etc. While I am able to access the internet, it is incredibly slow for some reason. And not all sites, twitter.com opens up just like that. While Google takes it sweet time and sometimes does not open at all. Most of the websites do this. 

I tried pinging websites from the router (like Google) and get 40% and 60% most, a lot of packets are being dropped. On CP Expres I opened pretty much everything from LAN to WAN. Is there a config. that I'm possibly missing that is causing this? Tried putting a switch between the Cisco router and my laptop but the problem still remains.

Current configuration : 13471 bytes

!

! Last configuration change at 08:51:58 GMT Thu May 26 2016 by burak

!

version 15.5

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot config usbflash0:CVO-BOOT.CFG

boot-end-marker

!

!

!

aaa new-model

!

!

aaa authentication login local_access local

!

!

!

!

!

aaa session-id common

ethernet lmi ce

clock timezone GMT 2 0

!

crypto pki trustpoint TP-self-signed-3666389536

 enrollment selfsigned

 subject-name cn=IOS-Self-Signed-Certificate-3666389536

 revocation-check none

 rsakeypair TP-self-signed-3666389536

!

!

crypto pki certificate chain TP-self-signed-3666389536

 certificate self-signed 01

  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030

  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 33363636 33383935 3336301E 170D3136 30353235 30373539

  33335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 36363633

  38393533 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

  8100E5EF 09070186 6C15041A D675F986 5692906A C278BCD0 873EBB29 43A0C964

  1E1EF3AD 7DA6BF58 E62FB01D 4865EBF6 6D0EB398 F86EB71E 561538A1 0A3A1923

  D36AE67C 67E205E4 4382AFD8 F8E6FF5A 2F883EAF 617ABC21 351E2177 F6A39A4A

  22740755 96E776A2 DECCE802 C390E079 02283F2F DD76FB0E 19FCB275 C687DDB7

  EDDD0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603

  551D2304 18301680 14F434B6 1D63EA9F 68BEF920 A76F4013 BA080691 D8301D06

  03551D0E 04160414 F434B61D 63EA9F68 BEF920A7 6F4013BA 080691D8 300D0609

  2A864886 F70D0101 05050003 8181003F F29BC2D5 88E11ED1 0FF6D186 2DC53E55

  828F6EDA 2CF21659 45ACB21D 1E314290 E37C9B64 0BDCFD09 36078CBA 34365501

  F6FE7AC8 063D87AE 270DCB58 FEBA694F 97A8B31A E65EA5FD 2237EBA6 A30F658B

  C3B5818A A52B4AD5 81B6C114 4C6E7F76 49EF2600 9B6D8EAE B6A1D891 6D4377B8

  7876503B 573B6ACB 8500F0F5 6EFFDD

        quit

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

 

 

!

ip dhcp excluded-address 192.168.1.1

!

ip dhcp pool data

 network 192.168.1.0 255.255.255.0

 default-router 192.168.1.1

 dns-server 8.8.8.8 8.8.4.4

 lease 0 8

!

ip dhcp pool ccp-pool

 dns-server [DNS provided by ISP and Google’s as second DNS]

!

!

ip name-server [DNS provided by ISP]

ip name-server 8.8.8.8

ip cef

no ipv6 cef

!

!

flow record nbar-appmon

 match ipv4 source address

 match ipv4 destination address

 match application name

 collect interface output

 collect counter bytes

 collect counter packets

 collect timestamp absolute first

 collect timestamp absolute last

!

!

flow monitor application-mon

 cache timeout active 60

 record nbar-appmon

!

parameter-map type inspect global

 max-incomplete low 18000

 max-incomplete high 20000

 nbar-classify

!

!

!

!

multilink bundle-name authenticated

!

!

!

!

!

!

!

license udi pid C881-K9 sn FCZ20089296

!

!

object-group service INTERNAL_UTM_SERVICE

!

object-group network local_cws_net

!

object-group network local_lan_subnets

 192.168.1.0 255.255.255.0

!

object-group network netwerk_dst_net

 any

!

object-group network netwerk_src_net

 any

!

object-group service netwerk_svc

 ip

!

object-group network vpn_remote_subnets

 any

!

object-group network web_dst_net

 any

!

object-group network web_src_net

 any

!

object-group service web_svc

 ip

!

username [username] privilege 15 password 0 [password] privilege admin

username [myname] privilege 15 password 0 [password]

!

!

!

!

!

!

class-map type inspect match-any CATEGORY_EMAIL

 match protocol bmpp

 match protocol esro-emsdp

 match protocol eudora-set

 match protocol exchange

 match protocol gmail

 match protocol groupwise

 match protocol imap

 match protocol imsp

 match protocol mail-ru

 match protocol mailq

 match protocol mpp

 match protocol msexch-routing

 match protocol msp

 match protocol ni-mail

 match protocol odmr

 match protocol outlook-web-service

 match protocol pop2

 match protocol pop3

 match protocol qmqp

 match protocol qmtp

 match protocol qotd

 match protocol re-mail-ck

 match protocol secure-imap

 match protocol secure-pop3

 match protocol secure-smtp

 match protocol smtp

 match protocol submission

 match protocol ulistproc

 match protocol xns-courier

 match protocol xns-mail

 match protocol yahoo-mail

class-map type inspect match-any INTERNAL_DOMAIN_FILTER

 match protocol msnmsgr

 match protocol ymsgr

class-map type inspect match-any CATEGORY_BROWSING_3

 match protocol xbox-web-portal

 match protocol xda-developers

 match protocol xinhuanet

 match protocol yahoo-accounts

 match protocol yandex

 match protocol yellowpages-us

 match protocol youku

 match protocol zendesk

 match protocol zillow

 match protocol zippyshare

 match protocol zulily

class-map type inspect match-any CATEGORY_BROWSING_2

 match protocol secure-http

 match protocol sfgate

 match protocol shockwave

 match protocol shutterstock

 match protocol sky-news

 match protocol slate-magazine

 match protocol slickdeals

 match protocol sohu-com

 match protocol southwest-airlines

 match protocol spdy

 match protocol speedtest

 match protocol spiegel-online

 match protocol ssl

 match protocol stack-overflow

 match protocol statcounter

 match protocol swagbucks

 match protocol t-mobile-web-services

 match protocol tagged-com

 match protocol taringa

 match protocol ted

 match protocol telegraph

 match protocol tesco

 match protocol the-atlantic

 match protocol the-daily-beast

 match protocol the-pirate-bay

 match protocol thechive

 match protocol thefreedictionary-com

 match protocol tianya

 match protocol time-news

 match protocol tinyurl

 match protocol tmz

 match protocol torrentz

 match protocol trulia

 match protocol tudou

 match protocol twitch-tv

 match protocol typepad

 match protocol unite-airlines

 match protocol uol

 match protocol usa-today

 match protocol usaa

 match protocol usbank

 match protocol usps

 match protocol verizon-web-services

 match protocol verizon-wireless-web-services

 match protocol vine

 match protocol vkontakte

 match protocol wall-street-journal

 match protocol wap-push

 match protocol wap-push-http

 match protocol wap-push-https

 match protocol wap-pushsecure

 match protocol wap-vcal

 match protocol wap-vcal-s

 match protocol wap-vcard

 match protocol wap-vcard-s

 match protocol wap-wsp

 match protocol wap-wsp-s

 match protocol wap-wsp-wtp

 match protocol wap-wsp-wtp-s

 match protocol warriorforum

 match protocol washington-post

 match protocol weather-com

 match protocol weather-gov-web-portal

 match protocol webmd

 match protocol weibo

 match protocol wells-fargo

 match protocol wetransfer

 match protocol whitepages

 match protocol wikia

 match protocol wikipedia

 match protocol wired-com

 match protocol wordreference-com

 match protocol worldstarhiphop

 match protocol wunderground-com

class-map type inspect match-any CATEGORY_BROWSING_1

 match protocol fox-news

 match protocol github

 match protocol gizmodo

 match protocol gmx-mail

 match protocol godaddy

 match protocol goodreads

 match protocol google-accounts

 match protocol google-services

 match protocol gopher

 match protocol gss-http

 match protocol hollywood-reporter

 match protocol hootsuite

 match protocol hostgator

 match protocol hotels-com

 match protocol htc-services

 match protocol http

 match protocol http-alt

 match protocol huffingtonpost

 match protocol imdb

 match protocol indeed-com

 match protocol independent-news

 match protocol indiatimes

 match protocol indiegogo

 match protocol infusionsoft

 match protocol intuit

 match protocol investopedia

 match protocol java-web-portal

 match protocol jimdo

 match protocol jingdong-360buy

 match protocol joomla

 match protocol kayak-com

 match protocol kickstarter

 match protocol letv-com

 match protocol livedoor

 match protocol liveperson

 match protocol livestrong-com

 match protocol mailchimp

 match protocol major-league-baseball-com

 match protocol mashable

 match protocol mint-com

 match protocol monster-com

 match protocol ms-live-accounts

 match protocol mtv

 match protocol nate-com

 match protocol national-institute-of-health

 match protocol national-public-radio

 match protocol nbc-news

 match protocol nhl-com

 match protocol nike

 match protocol noaa

 match protocol ny-daily-news

 match protocol nytimes

 match protocol okcupid

 match protocol outbrain

 match protocol patch-com

 match protocol paypal

 match protocol pbs-web-portal

 match protocol people-web

 match protocol pinterest

 match protocol playstation-store

 match protocol playstation-web-portal

 match protocol pocket

 match protocol prezi

 match protocol priceline-com

 match protocol publishers-clearing-house

 match protocol qq-accounts

 match protocol rakuten

 match protocol realtor-com

 match protocol rediff-com

 match protocol retailmenot

 match protocol reuters

 match protocol rotten-tomatoes

 match protocol samsung

 match protocol scribd

class-map type inspect match-any CATEGORY_BROWSING

 match protocol 4chan

 match protocol 58-city

 match protocol abc-news

 match protocol accuweather

 match protocol adcash

 match protocol addthis

 match protocol adweek

 match protocol airbnb

 match protocol allrecipes

 match protocol ameba

 match protocol american-express

 match protocol ancestry-com

 match protocol ask-com

 match protocol asus

 match protocol atlassian

 match protocol att-web-services

 match protocol audible-com

 match protocol aweber

 match protocol backpage

 match protocol badoo

 match protocol bandcamp-com

 match protocol bank-of-america

 match protocol basecamp

 match protocol bbc

 match protocol bild-de

 match protocol bing

 match protocol bitbucket

 match protocol bitly

 match protocol blackboard-com

 match protocol blaze-news

 match protocol bleacher-report

 match protocol bluehost

 match protocol buffer-com

 match protocol business-insider

 match protocol buzzfeed

 match protocol california-gov

 match protocol capital-one

 match protocol cbs

 match protocol cbs-sports

 match protocol chase-bank

 match protocol citi-bank

 match protocol clickbank

 match protocol cnbc

 match protocol cnet

 match protocol conduit-com

 match protocol constant-contact-com

 match protocol coupons-com

 match protocol coursera

 match protocol craigslist

 match protocol csdn

 match protocol daily-mail

 match protocol dangdang

 match protocol daum

 match protocol discover-com

 match protocol disney-web-portal

 match protocol douban

 match protocol drudge-report-com

 match protocol e-online

 match protocol ehow-web-portal

 match protocol engadget

 match protocol entertainment-weekly

 match protocol espn-browsing

 match protocol etsy

 match protocol european-union-web-portal

 match protocol eventbrite

 match protocol evernote

 match protocol fedex

 match protocol feedly

 match protocol fiver

 match protocol flash-video

 match protocol flashmyspace

 match protocol flickr

 match protocol foodnetwork

 match protocol foursquare

class-map type inspect match-all web

 match access-group name web_acl

class-map type inspect match-any netwerk_app

 match class-map CATEGORY_BROWSING

 match class-map CATEGORY_BROWSING_1

 match class-map CATEGORY_BROWSING_2

 match class-map CATEGORY_BROWSING_3

 match class-map CATEGORY_EMAIL

class-map type inspect match-all netwerk

 match access-group name netwerk_acl

 match class-map netwerk_app

!

policy-map type inspect LAN-WAN-POLICY

 class type inspect netwerk

  inspect

 class type inspect web

  inspect

 class type inspect INTERNAL_DOMAIN_FILTER

  inspect

 class class-default

  drop log

!

zone security LAN

zone security WAN

zone security VPN

zone security DMZ

zone-pair security LAN-WAN source LAN destination WAN

 service-policy type inspect LAN-WAN-POLICY

!

!

!

!

!

!

!

!

!

!

!

interface FastEthernet0

 no ip address

 zone-member security LAN

!

interface FastEthernet1

 no ip address

!

interface FastEthernet2

 no ip address

!

interface FastEthernet3

 no ip address

!

interface FastEthernet4

 description PrimaryWANDesc_

 ip address [static ip provided by ISP + subnetmask]

 ip nat outside

 ip virtual-reassembly in

 zone-member security WAN

 duplex full

 speed 100

!

interface Vlan1

 ip address 192.168.1.1 255.255.255.0

 ip nbar protocol-discovery

 ip flow monitor application-mon input

 ip flow ingress

 ip flow egress

 ip nat inside

 ip virtual-reassembly in

 zone-member security LAN

 load-interval 30

!

ip default-gateway 192.168.1.1

ip forward-protocol nd

ip http server

ip http authentication local

ip http secure-server

!

!

ip nat inside source list nat-list interface FastEthernet4 overload

ip route 0.0.0.0 0.0.0.0 [my default gateway provided by ISP]

ip route 0.0.0.0 0.0.0.0 FastEthernet4

!

ip access-list extended nat-list

 permit ip object-group local_lan_subnets any

 deny   ip any any

ip access-list extended netwerk_acl

 permit object-group netwerk_svc object-group netwerk_src_net object-group netwerk_dst_net

ip access-list extended web_acl

 permit object-group web_svc object-group web_src_net object-group web_dst_net

!

!

access-list 101 permit udp any any eq domain

access-list 101 permit udp any eq domain any

access-list 102 permit tcp any any eq telnet

!

!

!

control-plane

!

!

!

mgcp behavior rsip-range tgcp-only

mgcp behavior comedia-role none

mgcp behavior comedia-check-media-src disable

mgcp behavior comedia-sdp-force disable

!

mgcp profile default

!

!

!

!

!

!

!

line con 0

 login authentication local_access

 no modem enable

line aux 0

line vty 0 4

 access-class 23 in

 privilege level 15

 login authentication local_access

 transport input telnet ssh

!

scheduler allocate 20000 1000

!

end

3 Replies 3

Tim Y
Level 1
Level 1

Hi,

Check your routing table with show ip route.

There are likely two default routes with the same administrative distance that are both being used equally (load balanced).

Except one of your routes (ip route 0.0.0.0 0.0.0.0 FastEthernet4) is not going to work because you specified an interface which means it's going to ARP for every destination IP, thinking it's directly connected and then fail. Plus, even if it did work, that's unnecessary, so you should definitely remove that route either way.

Regards,

Tim

Hi Tim,

I've deleted the fastethernet 4 route like you said. The one with: 0.0.0.0 0.0.0.0 [ISP default gateway] is still enable though, should I delete that one as well? Still unclear on what this exactly does?

I put in the show ip route and got the following result:

Router#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
a - application route
+ - replicated route, % - next hop override, p - overrides from PfR

Gateway of last resort is not set

192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Vlan1
L 192.168.1.1/32 is directly connected, Vlan1

I'm assuming this is how it should look like. Currently my laptop is the only device connected to the router, can't connect the router to the modem until tomorrow. Once I get the results, I'll post them here. But should it look something like the output above?

I also deleted all the 'match' protocols, from what I understand that takes up a fair share of resources as well.

Hi there,

Leave the other route there - you need it. It's what is telling your router what to do with traffic destined for the Internet.

The one you deleted was a misconfigured route that was the likely cause of your router dropping half the packets.

When you connect the modem, your routing table will also include an S (static) route to 0.0.0.0. Just test and see how it goes. You should not be dropping half your packets now unless I'm missing something else.

Regards,

Tim

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco