G2 Router rsync Problems

frank.trampe · ‎10-03-2019

I have a Cisco 1921 routing via NVI that is seemingly causing odd issues with rsync. The connection works for a little bit at the beginning, ACK starts lagging SEQ by a wide margin, and then there's some chaos. It seems that the remote host is receiving all of the data, since it complains about duplicate transmissions, so maybe some ACK packets are just highly delayed. But it is not clear exactly what is wrong. Does this look familiar to anybody?

!
! Last configuration change at 12:59:29 UTC Thu Oct 3 2019 by cisco
!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ht312-router
!
boot-start-marker
boot system usbflash0 c1900-universalk9-mz.SPA.157-3.M2.bin
boot-end-marker
!
!
enable secret 5 $4$MExE$REDACTED/REDACTED/XXX/
!
no aaa new-model
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.0.1 192.168.0.63
ip dhcp excluded-address 192.168.2.1 192.168.2.16
ip dhcp excluded-address 192.168.4.1 192.168.4.15
!
ip dhcp pool cvo-pool
 import all
 network 10.10.10.0 255.255.255.248
 default-router 10.10.10.1 
 lease 0 2
!
ip dhcp pool dhcp0
 network 192.168.0.0 255.255.255.0
 default-router 192.168.0.1 
 dns-server 192.168.0.1 208.67.222.123 208.67.220.123 8.8.8.8 
 accounting default
!
ip dhcp pool dhcp2
 network 192.168.2.0 255.255.255.0
 default-router 192.168.2.1 
 dns-server 192.168.2.1 8.8.8.8 8.8.4.4 
 option 43 hex f104.c0a8.020e
 accounting default
!
ip dhcp pool dhcp12
 network 192.168.4.0 255.255.255.0
 dns-server 192.168.0.1 208.67.222.123 208.67.220.123 
 accounting default
!
!
!
ip domain name local
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
cts logging verbose
!
!
license udi pid CISCO1921/K9 sn XXXXXXXXXXX
!
!
username cisco privilege 15 secret 5 $4$JE78$REDACTED0REDACTED0XXX.
!
redundancy
!
!
!
!
!
! 
!
!
!
!
!
bridge irb
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
! Trunk to main switch.
interface GigabitEthernet0/0
 no ip address
 duplex auto
 speed auto
!
interface GigabitEthernet0/0.1
 encapsulation dot1Q 1 native
 bridge-group 1
!
interface GigabitEthernet0/0.2
 encapsulation dot1Q 10
 bridge-group 2
!
interface GigabitEthernet0/0.12
 encapsulation dot1Q 12
 bridge-group 12
! Uplink to modem.
interface GigabitEthernet0/1
 ip address dhcp
 no ip redirects
 no ip proxy-arp
 ip flow ingress
 ip nat enable
 ip virtual-reassembly in
 duplex auto
 speed auto
! Main internal network.
interface BVI1
 ip address 192.168.0.1 255.255.255.0
 no ip redirects
 ip nat enable
! Wireless infrastructure network.
interface BVI2
 ip address 192.168.2.1 255.255.255.0
 no ip redirects
 ip nat enable
! Guest network.
interface BVI12
 ip address 192.168.4.1 255.255.255.0
 no ip redirects
 ip nat enable
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip dns server
ip nat source list 1 interface GigabitEthernet0/1 overload
ip nat source static tcp 192.168.0.35 22 interface GigabitEthernet0/1 2930
ip nat source static tcp 192.168.0.35 3030 interface GigabitEthernet0/1 3030
!
logging history size 128
!
!
access-list 1 permit 10.10.10.0 0.0.0.7
access-list 1 permit 192.168.0.0 0.0.255.255
access-list 23 permit 10.10.10.0 0.0.0.7
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip
bridge 12 protocol ieee
bridge 12 route ip
!
no vstack
!
line con 0
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 access-class 23 in
 privilege level 15
 login local
 transport input telnet ssh
! Hack for NVI bug.
scheduler allocate 20000 1000
event manager environment _internet_route_established_phrase LINK-3-UPDOWN
event manager directory user policy "usbflash0:/"
event manager policy fix_nvi.tcl
!
end