Re: DMVPN - Tunnel bandwidth recieve / transmit

Samer Abuseini · ‎01-27-2019

Hi

I have multiple nodes (routers ) connected through DMVPN with my two DC's , most of the sites complaining about the speed and slowness of the data flow with other nodes , here is one of the DC config :

interface Tunnel0
description (VPN-CON)
bandwidth 200000
ip address 192.168.0.201 255.255.255.0
no ip redirects
ip mtu 1400
ip wccp 62 redirect in
no ip next-hop-self eigrp 5
ip flow ingress
ip nhrp authentication VPN
ip nhrp map multicast dynamic
ip nhrp map 192.168.0.1 PUBLIC IP
ip nhrp map multicast PUBLIC IP
ip nhrp map multicast PUBLIC IP
ip nhrp map 192.168.0.250 PUBLIC IP
ip nhrp network-id 100000
ip nhrp holdtime 600
ip nhrp nhs 192.168.0.250
ip nhrp nhs 192.168.0.1
ip nhrp registration no-unique
ip tcp adjust-mss 1360
no ip split-horizon eigrp 5
load-interval 30
delay 1500
qos pre-classify
tunnel source GigabitEthernet0/0.211
tunnel mode gre multipoint
tunnel key 100000
tunnel protection ipsec profile SDM_Profile1
end

on sh int tun0 :

Tunnel transmit bandwidth 8000 (kbps)
Tunnel receive bandwidth 8000 (kbps)

looks like the default value for recieving and transmitting is 8mb , if i increase the value would it affect the data flow BW on tunnel interface ? and what about the bandwidth 200000 in my tunnel interface config ?

Thanks

Mark Malone · ‎01-27-2019

Hi
the tunnel bandwidth should be the speed of the wan link , so if its 10mb bandwidth 10000 , is yours 25 ?
config looks right
is the wan link itself slow , is there latency , is the physical interface clean of errors ?

Samer Abuseini · ‎01-27-2019

Hi

Thanks for your response .

My WAN link is 70mb , my tun0 interface is configured with bandwidth 200mb as shown in config , no errors on physical interface :

sh int gigabitEthernet 0/0
GigabitEthernet0/0 is up, line protocol is up
Hardware is CN Gigabit Ethernet, address is 503d.e562.0bd8 (bia 503d.e562.0bd8)
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set
Keepalive set (10 sec)
Full Duplex, 1Gbps, media type is RJ45
output flow-control is unsupported, input flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/249 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 4453000 bits/sec, 898 packets/sec
5 minute output rate 3421000 bits/sec, 877 packets/sec
     3146941362 packets input, 376564804 bytes, 28 no buffer
     Received 6508 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 1 throttles
     0 input errors, 0 CRC, 0 frame, 1152630 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     1884745 packets output, 760996660 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 pause output
     0 output buffer failures, 0 output buffers swapped out

Any more suggestions ?

Thanks in advance

Georg Pauwen · ‎01-27-2019

Hello,

can you elaborate on what 'slow' traffic means in your case ? Which traffic is slow ? How many spokes do you have, and do they al have 70MB links ? Also, since you are using the qos pre-classify command on the tunnel, what traffic is being marked and how, coming into the router ?

Samer Abuseini · ‎01-29-2019

hi

slowness : for example i have a node in another geographical location that is connected to my dc (server farm) in Head quarter using DMVPN tunnel requesting instances on ERP system , and almost most of the time the speed rate is 8 kbps , note that the WAN speed on both sides aren't identical , on one of them is 70 m and the other is 15m . i saw the overrun on the physical WAN interface on my router is huge , i am not quite sure what this leads to ?

i copied my policy-map config :

Nuqul_Secondary_RTR#sh policy-map
Policy Map QOS_Dubai_pol
    Class QOS_Dubai_cm
      priority 1024 (kbps)
     police cir 14000000 bc 437500
       conform-action transmit
       exceed-action drop

Policy Map QOS_Morocco_pol
    Class QOS_Morocco
      bandwidth 1024 (kbps)

Policy Map h323-policy
    Class h323
      set dscp ef
    Class VOip_map
     police cir 1000000 bc 31250
       conform-action transmit
       exceed-action drop

Nuqul_Secondary_RTR#sh class-map
Class Map match-any QOS_Dubai_cm (id 1)
   Match access-group name QOS_Dubai

Class Map match-all VOip_map (id 2)
   Match access-group name voip
   Match protocol rtp

Class Map match-any class-default (id 0)
   Match any

Class Map match-any QOS_Morocco (id 3)
   Match access-group name Morocco

Class Map match-any h323 (id 4)
   Match protocol sip
   Match protocol h323

#sh access-lists
Extended IP access list Morocco
    10 permit ip any host 41.143.255.36
Extended IP access list QOS_Dubai
    10 permit ip any host 213.42.65.186
    20 permit ip any 10.20.0.0 0.0.255.255
Extended IP access list voip
    10 permit udp 10.200.0.0 0.0.255.255 10.100.0.0 0.0.255.255 (218989697 matches)
    20 permit udp 10.1.0.0 0.0.255.255 10.100.0.0 0.0.255.255 (399248081 matches)

Mark Malone · ‎01-27-2019

Huge amount of overruns are they incrmenting ?

no buffers too only few though

Port looks to be struggling with traffic coming into the buffer , too much too quick could ave a knock on effect for traffic as its being retransmitted when buffer is fulll

Overruns appear in the output of the show interface command when the receiver hardware is unable to hand received data to a hardware buffer because the input rate exceeds the receiver's ability to handle the data.

k.alexey3601 · ‎01-27-2019

Hi.

Just from privious post:

" Tunnel bandwidth transmit and tunnel bandwidth receive are only used with RBSCP - rate based satellite control protocol. "