cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4542
Views
0
Helpful
12
Replies

Internet access is slow due to heavy traffic

 

Hello engineers,

    our customer has a cisco 3750 router in which they configured PAT for internet access.  Total 500 users are sharing the 4 Mbps internet line ,

Most of the time performance of internet access is good. But today the users are complaining about poor internet speed .  I checked with ISP about any problem in their end but they said there is no problem.  

Now want can i do to improve (or normal)  the internet speed. The customer is not willing to increase the Bandwidth of the internet line to more than 4 Mbps.

12 Replies 12

Joseph W. Doherty
Hall of Fame
Hall of Fame

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

"3750 router"?  Since you mention PAT, I assume this is a router and not the 3750 L3 switch.  Did you mean a 3745 router?

 

What kind of media is the 4 Mbps Internet?

 

For egress (to the Internet) I would recommend fair-queue queuing, and shaping if physical hand-off bandwidth is more than 4 Mbps.

 

For ingress (from the Internet), there's not much you can do.  If you can identify some high bandwidth traffic, which you consider of low importance, you could police it.  However, as you policer is downstream of the 4 Mbps, policing some traffic may, or may not, have an effect.

Slow down facebook, youtube and other social networks... Use NBAR to track and give it low priority

Tag me to follow up.
Please mark it as Helpful and/or Solution Accepted if that is the case. Thanks for making Engineering easy again.
Connect with me for more on Linkedin https://www.linkedin.com/in/rubencocheno/

Hello Everybody,

       i done some more observation onthis issue and i posting it here

1.  I isolated the internet router from the problem list by checking the internet speed from placing a  laptop directly connecting to the router instead of firewall  .And the internet speed i got is 3.85 Mbps ( appro 4 Mbps ) so i decide the ISP and ISP router is has no problem.

2. we are using a Microsoft TMG as a proxy server for blocking FB ,youtube and other unwanted sites we don't want.So users cannot put any downloads or surf high BW consuming sites. Next When i ping the Public DNS ip from the proxy server ,it is getting reply in 2350 ms approximately  during office hrs .    

3.  During non office hrs , i ping the same public DNS ip and getting the reply with in 100 ms time and the internet is also speedy.

i want to know can a virus or any malwares in the network can cause this problem ?

 

Thanks and regards, 

With 4 Mbps you give 0.008 Mbps to each user 500 users, it's quite low. try get a report from your Proxy server and understand what is consuming so much traffic.  Probably if you have direct access to internet for some specific purposes (not using proxy) run a SPAN on you switch

Tag me to follow up.
Please mark it as Helpful and/or Solution Accepted if that is the case. Thanks for making Engineering easy again.
Connect with me for more on Linkedin https://www.linkedin.com/in/rubencocheno/

Thanks JosephDoherty ,

       I posted the router model wrongly , the correct router is Cisco 2900 series .

I need some reference doc or guides about fair-queue queuing, and traffic shaping. Kindly share it if u have 

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

The configuration guide for you IOS version will describe CBWFQ.

 

If you have questions about it, after reading about it, post your questions.

salman abid
Level 1
Level 1

Hi Mdaswathali,

 

Can you please post the configuration here

 

Hi all ,

  Yet the problem is not resolved . 

I am posting the configuration of our internet router here

Router#sh run
Building configuration...

Current configuration : 4809 bytes
!
! Last configuration change at 12:33:13 UTC Thu Feb 27 2014 by X
! NVRAM config last updated at 12:33:14 UTC Thu Feb 27 2014 by X
! NVRAM config last updated at 12:33:14 UTC Thu Feb 27 2014 by X
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
enable secret 4 WnYEcASOYagc86Y6f2G/9Wx3t5M7UI9VSsAkexva2Cs
!
no aaa new-model
!
!
no ipv6 cef
 --More--         ip source-route
ip cef
!
!
!
!
!
ip domain name yourdomain.com
ip name-server x.x.x.179
ip name-server x.x.x.134
ip name-server x.x.x.10
!
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-681320622
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-681320622
 revocation-check none
 rsakeypair TP-self-signed-681320622
!
!
 --More--         crypto pki certificate chain TP-self-signed-681320622
 certificate self-signed 01
  30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 36383133 32303632 32301E17 0D313230 37323031 35313435 
  325A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F 
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3638 31333230 
  36323230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 
  8DB3A487 96178772 C4481791 E74E450E 71FA54A9 40DA224B 382B150E 4D2C300C 
  C247C0FA 86FA2536 E16D6B3F 72AD5214 93986723 7E8B639F A2427632 B4FE617B 
  1A76FDC0 8EB510C1 5ADC9E14 FD520D0B 8B184C7A 417A2D3E 4CE9E4EC 4ACF5412 
  36840263 8B2B9F29 FBC2BAB7 1C5FA2E5 B6824970 B3E9C115 C3090583 1F0ED213 
  02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D 
  23041830 16801421 89B59A64 B289D125 1A5CD34E C2508C23 BDC1B330 1D060355 
  1D0E0416 04142189 B59A64B2 89D1251A 5CD34EC2 508C23BD C1B3300D 06092A86 
  4886F70D 01010505 00038181 00099ED8 2E42E250 8D60B716 518B2FE1 324BE2DA 
  2F457718 7F652D81 99231088 AFEA1BF7 4948AFFA EBE833EF 9781C29D 9D90CFF1 
  FB72133C E068E898 26AC8B24 6CDA7053 845D0008 358C7790 419260DB D27A58C6 
  0F9674A7 EE8974CE 79D528FC 423C475E 056F0348 67FD4940 04D8DA18 7B483576 
  8005B05C BD6675F0 2146C52A 50
      quit
license udi pid CISCO2921/K9 sn FGL1629133X
!
!
  username XXXX privilege 15 secret 4 WnYEcASOYagc86Y6f2G/9Wx3t5M7UI9VSsAkexva2Cs
!
redundancy
!
!
!
!

!
!
bridge irb
!
!
!
!
interface Multilink1
 ip address X.X.X.1 255.255.255.224
 ip nat outside
 ip virtual-reassembly in
 ppp multilink
 ppp multilink group 1
!
interface Embedded-Service-Engine0/0
 no ip address
 --More--          shutdown
!
interface GigabitEthernet0/0
 description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
 ip address 10.10.10.1 255.255.255.248
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 description "LAN"
 no ip address
 duplex auto
 speed auto
 bridge-group 1
!
interface GigabitEthernet0/2
 description "LAN"
 no ip address
 duplex auto
 speed auto
 bridge-group 1
!
interface Serial0/0/0
 no ip address
 --More--          ip virtual-reassembly in
 encapsulation ppp
 ppp multilink
 ppp multilink group 1
!
interface Serial0/0/1
 no ip address
 encapsulation ppp
 ppp multilink
 ppp multilink group 1
!
interface Serial0/1/0
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/1/1
 no ip address
 shutdown
 clock rate 2000000
!
interface GigabitEthernet0/2/0
 no ip address
 shutdown
 --More--          duplex auto
 speed auto
!
interface BVI1
 ip address 192.168.12.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
ip forward-protocol nd
!
no ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list 10 interface Multilink1 overload
ip route 0.0.0.0 0.0.0.0 Multilink1
!
access-list 10 permit 192.168.12.0 0.0.0.255
access-list 10 permit 10.10.10.0 0.0.0.7
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 100 permit tcp any eq www 210.212.240.3 0.0.0.32
access-list 100 permit tcp any eq domain 210.212.240.3 0.0.0.32
access-list 100 permit udp any eq domain 210.212.240.3 0.0.0.32
access-list 100 permit tcp any eq 443 210.212.240.3 0.0.0.32
access-list 100 permit icmp any any
!
!
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
!
line con 0
 login local
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 access-class 23 in
 privilege level 15
 login local
 transport input telnet ssh
line vty 5 15
 access-class 23 in
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler allocate 20000 1000
end

Router#

Leo Laohoo
Hall of Fame
Hall of Fame

Cisco Application Visibility and Control (AVC)

Currently, this is not yet applicable but application-based bandwidth throttling via AVC is coming soon.  

 

Hi all,

   I checked the txload and reload of router's multilink interface , it is showing that  txload 20/255, rxload 255/255 . Any suggestions over this .

Router#sh int bvi 1

BVI1 is up, line protocol is up 
  Hardware is BVI, address is 30f7.0d5a.f211 (bia 0000.0000.0000)
  Internet address is 192.168.12.1/24
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 5000 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/57/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/0 (size/max)
  5 minute input rate 262000 bits/sec, 309 packets/sec
  5 minute output rate 3891000 bits/sec, 371 packets/sec
     175296484 packets input, 3015597918 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     250590737 packets output, 2366167063 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 unknown protocol drops
     0 output buffer failures, 0 output buffers swapped out
Router#
Router#sh int   mul 1
Multilink1 is up, line protocol is up 
  Hardware is multilink group interface
  Internet address is X.X.X.1/27
  MTU 1500 bytes, BW 3088 Kbit/sec, DLY 20000 usec, 
     reliability 255/255, txload 20/255, rxload 255/255
  Encapsulation PPP, LCP Open, multilink Open
  Stopped: CDPCP
  Open: IPCP, loopback not set
  Keepalive set (10 sec)
  DTR is pulsed for 2 seconds on reset
  Last input 00:00:00, output never, output hang never
  Last clearing of "show interface" counters 4w6d
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 139141
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 3856000 bits/sec, 378 packets/sec
  5 minute output rate 245000 bits/sec, 311 packets/sec
     268324835 packets input, 514383875 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles
     136537 input errors, 0 CRC, 102803 frame, 17327 overrun, 973 ignored, 15434 abort
     192488032 packets output, 3006835176 bytes, 0 underruns
     0 output errors, 0 collisions, 1901 interface resets
    11 unknown protocol drops
     0 output buffer failures, 0 output buffers swapped out
     0 carrier transitions
Router#

136537 input errors, 0 CRC, 102803 frame, 17327 overrun, 973 ignored, 15434 abort
0 output errors, 0 collisions, 1901 interface resets

These line errors found in your Multilink interface does not bode well.  

 

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Well besides the errors Leo noted, your ingress is running at 100% for 5 minutes; likely explains your Internet slowness.

 

If you can determine whether there a particular flow or flows using most of the bandwidth, you could either  block them or police them.  If the flows are TCP based, you can also shape their return ACKs (although very difficult to tune for optimal bandwidth usage).

 

Lastly, third party companies make dedicated traffic shaping appliances the can do some "tricks" for managing inbound bandwidth consumption.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco