01-18-2011 10:45 AM - edited 03-04-2019 11:07 AM
Hello All,
We have the following scenario in the internet block at one of our enterprise customers:
2 * ASA firewalls (Active/Standby) ------L2 Switch------- 2 * Internet Routers
OSPF is configured between the ASA and the internet routers. Each router has a 16 Mbps link to the ISP and originates a default route towards the firewall. The 2nd router/link is being used for web traffic (internet browsing). The firewall forwards traffic to both routers using 2 * equal-cost default routes, so some outbound traffic lands on the first router, where policy-based routing is being used to redirect HTTP traffic from a specific IP address (the NATed public IP address for end users, i.e. the outside interface's IP address of the ASA) towards the 2nd internet router. Now we are receiving complaints of intermittent slowness for internet browsing, and users need to refresh the web browser many times to get the web page, especially dynamic websites like BBC. The link is working fine without any packet drops or errors. Can the above setup cause this problem?
Thanks
01-18-2011 11:11 AM
Can the above setup cause this problem?
Could it? No, we all do it like this, don't we?
The best way to test this is to -temporarily- disable the second Internet link. If the problem is gone after that you should know enough.
Otherwise, you should provide more details for us to verify your settings. A nice little drawing would also help.
Good luck finding the problem!
regards,
Leo
01-19-2011 01:09 AM
Hi,
I did a packet capture and found that the TCP connection is getting reset for some destinations. Kindly find the attached file for the packet capture snapshot.
Also, we conducted a test by configuring NAT to a separate public IP address for all user subnets going to a specific destination on the internet (one of the websites for which users were getting disconnections). After that change we didn't receive any complaints for that particular website. Kindly note that the new NATed IP address is not subject to policy-based routing (no redirection of web traffic towards the 2nd router if traffic comes through that new public IP address), although inbound traffic from the internet for this new IP address is still through the 2nd internet link.
Thanks
01-19-2011 10:04 AM
Also, we conducted a test by configuring NAT to a separate public IP address for all user subnets going to a specific destination on the internet (one of the websites for which users were getting disconnections). After that change we didn't receive any complaints for that particular website.
So then I guess you have an idea of how to find a solution?
regards,
Leo