Re: Download Speed Problem - Cisco 806

TXLombardi · ‎09-25-2006

I have a Cisco 806 router with the firewall IOS release 12.3(20). The Internet connection is Road Runner cable. Upload speeds are what they should be, 375 kbs to 484 kbs, but the download speeds are terrible, usually around 175 kbs. When attaching a computer directly to the cable modem, the computer gets 4 mbs or more download.

The IOS is doing ip inspect in and out, NAT, and no access-lists in or out (removed them for testing). No matter what I do, the download bandwidth does not go up. I even removed both ip inspects with no better download speeds.

Is this router just not up to the task or am I missing something? Ideas and suggestions are welcome.

jackyoung · ‎09-25-2006

Please search the old posts that may be due to the MTU size or tcp-mss adjust issue.

Please provide the "show interface" to determine if there is packet drop or any error.

Hope this helps.

TXLombardi · ‎09-28-2006

Thank you for your reply and I appologize for not getting back to you sooner. MTU is 1500. I looked at old posts and many Cisco articles and tried to adjust MTU to 1492, but the "show interface" indicates the MTU is still 1500. I also played with the tcp-mss with no better results.

Below is the show interface. My running config, which was slightly edited to take out a few lines for security reasons is posted in another reply (too big for one post). The functionality of the script remains with interfaces and access-lists intact.

solroute#sh int

Ethernet0 is up, line protocol is up

Hardware is PQUICC Ethernet, address is 0009.b74d.fcce (bia 0009.b74d.fcce)

Description: Sailaway LAN Interface

Internet address is 10.10.10.1/24

MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Half-duplex, 10Mb/s

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:00, output 00:00:00, output hang never

Last clearing of "show interface" counters never

Input queue: 0/32/0/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/100 (size/max)

5 minute input rate 45000 bits/sec, 7 packets/sec

5 minute output rate 33000 bits/sec, 7 packets/sec

108992 packets input, 17242741 bytes, 0 no buffer

Received 14238 broadcasts, 0 runts, 0 giants, 0 throttles

0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

0 input packets with dribble condition detected

123575 packets output, 69837637 bytes, 0 underruns

0 output errors, 2423 collisions, 0 interface resets

0 babbles, 0 late collision, 3464 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

Ethernet1 is up, line protocol is up

Hardware is PQUICC_FEC, address is 0009.b74d.fccf (bia 0009.b74d.fccf)

Description: Sailaway WAN Interface

Internet address is 70.124.217.227/21

MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive set (10 sec)

Half-duplex, 10Mb/s

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:00, output 00:00:05, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/5176/0 (size/max/drops/flushes); Total output drops: 0

Queueing strategy: fifo

Output queue: 0/40 (size/max)

5 minute input rate 36000 bits/sec, 12 packets/sec

5 minute output rate 39000 bits/sec, 1 packets/sec

2346123 packets input, 211244321 bytes, 58 no buffer

Received 2228622 broadcasts, 0 runts, 0 giants, 0 throttles

121 input errors, 0 CRC, 0 frame, 121 overrun, 0 ignored

0 input packets with dribble condition detected

117832 packets output, 17345591 bytes, 0 underruns

0 output errors, 419 collisions, 0 interface resets

0 babbles, 0 late collision, 5055 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

TXLombardi · ‎09-28-2006

Here is my running configuration, which was too large for my last post. Thanks for your help.

version 12.3

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname router

!

boot-start-marker

boot-end-marker

!

enable secret xxx

!

clock timezone est -5

clock summer-time edt recurring

no aaa new-model

ip subnet-zero

ip tcp window-size 750000

ip name-server 10.10.10.10

ip name-server 65.32.1.70

!

ip inspect name myfw ftp timeout 3600

ip inspect name myfw http timeout 3600

ip inspect name myfw rcmd timeout 3600

ip inspect name myfw realaudio timeout 3600

ip inspect name myfw smtp timeout 3600

ip inspect name myfw tftp timeout 30

ip inspect name myfw udp timeout 15

ip inspect name myfw h323 timeout 3600

ip inspect name myfw icmp

!

interface Ethernet0

description Sailaway LAN Interface

ip address 10.10.10.1 255.255.255.0

ip access-group 110 out

ip mtu 1492

ip nat inside

ip inspect myfw in

ip tcp adjust-mss 1452

no cdp enable

hold-queue 32 in

hold-queue 100 out

!

interface Ethernet1

ip address dhcp

ip mtu 1492

ip nat outside

ip inspect myfw out

no ip route-cache

ip tcp adjust-mss 1452

no cdp enable

!

ip nat inside source list 102 interface Ethernet1 overload

ip nat inside source static tcp 10.x.x.107 3389 70.124.217.227 3389 extendable

ip classless

no ip http server

no ip http secure-server

!

access-list 23 permit 10.10.10.0 0.0.0.255

access-list 102 permit ip 10.10.10.0 0.0.0.255 any

access-list 110 permit ip any any

access-list 111 permit icmp any any administratively-prohibited

access-list 111 permit icmp any any echo

access-list 111 permit icmp any any echo-reply

access-list 111 permit icmp any any packet-too-big

access-list 111 permit icmp any any time-exceeded

access-list 111 permit icmp any any traceroute

access-list 111 permit icmp any any unreachable

access-list 111 permit udp any eq bootpc any eq bootpc

access-list 111 permit udp any eq bootps any eq bootps

no cdp run

!

line con 0

stopbits 1

line vty 0 4

access-class 23 in

exec-timeout 120 0

login local

length 0

!

scheduler max-task-time 5000

sntp server 192.x.41.40

sntp server 192.x.41.41

end

jackyoung · ‎09-28-2006

Acording to the output, I found both interfaces are 10Mbps half-duplex. Can you double confirm the connected device is the same setting ?

Moreover, due to 806 is a low-end model, the performance is not high. Could you try to remove the "ip inspect" command from both Ethernet interface. Moreover, try to reconfigure the MTU to 1500 or just remove it. Because it is fixed by Ethernet interface. If the WAN side is DSL, you may need to configure it.

If you remove the "ip inspect" command and the router becomes faster then you may consider to disable this feature or upgrade the router to higher model. e.g. 85x or 87x model.

Hope this helps.

TXLombardi · ‎09-29-2006

Connected devices are set to the same settings as the router - 10 Mbps, half-duplex. The ip inspect command was removed as was the MTU entry which attempted to change the MTU to 1492 but did not. The MTU has always been 1500.

After removing the commands, the speed increased by a factor of 6. The download speed is now over 1200 Kbs, which is still low for the broadband connection I have.

I guess the 806 is just not up to the challenge. That is surprising since I had a cheap $50 Linksys router on the line until a storm zapped it. Bandwidth measured with it in place frequently approached 5 Mbps download. Looks like it is time to deep six the Cisco router and buy its cheaper cousin.

Thanks for your help.

jackyoung · ‎10-02-2006

You're welcome. I believe the Linksys router is a updated model and many of the processing may be hardware-based. And the 806 is outdated and even EOS, many processes are running on CPU, so more process will cause higher loading. And there are many features that you may not required but built-in the router, so it also slow down it.

If only for DSL Internet connection, Linksys may be better. Simplier is faster. Just my 2 cents. :)