04-24-2013 10:20 AM - edited 03-04-2019 07:42 PM
Hello,
We have a 1841 setup with WAN and LAN subinterfaced(2 WAN connections, 1 internal VLANs) and I am recieving some pretty horrible throughput when traversing the router to the WAN.
I am receiving about 2 MBPS down but around 5 up.
Currently there is a ACL on the WAN interface, and as well we are running NAT NVI. It is possible that this might have something to do with it, but I am not sure.
Most of the CPU is going to IP input however I cannot seem to determine the cause. One thing I am thinking is the overload for NVI is using a route-map. Could that cause it to process switch instead of fast/CEF switch?
Any suggestions?
Thanks
04-24-2013 03:44 PM
It is likely you are process switching instead of fast switching. Do a "show interface stats" and post that. Also post your relavent configs from the show run. There may be some commands you have used that are causing the router to process switch.
Toby
Sent from Cisco Technical Support Android App
04-25-2013 10:27 AM
Attaching the current running config.
FastEthernet0/0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 4456309 3285647619 111006 25476146
Route cache 69216 24364696 2566772 603725410
Total 4525525 3310012315 2677778 629201556
FastEthernet0/1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 443802 61700682 3488247 3228044935
Route cache 2720441 616285008 33163 17423382
Total 3164243 677985690 3521410 3245468317
Loopback0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 115289 6917336
Route cache 0 0 0 0
Total 0 0 115289 6917336
Loopback1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 115305 6918300
Route cache 0 0 0 0
Total 0 0 115305 6918300
NVI0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
Tunnel0
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 119890 10857921 120278 10874071
Route cache 520435 406903997 81516 15006680
Total 640325 417761918 201794 25880751
Virtual-Access1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
Virtual-Template1
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
Virtual-Template2
Switching path Pkts In Chars In Pkts Out Chars Out
Processor 0 0 0 0
Route cache 0 0 0 0
Total 0 0 0 0
04-25-2013 03:21 PM
1. Do you have CEF enabled? If you don't, enable.
2. Do you have any filters enabled? If you do, disable.
3. Do you have any hardware VPN and is it enabled? Use the command "sh crypto engine brief".
04-27-2013 08:18 PM
Daniel,
I have reviewed your configurations and based on the fact that you have CEF running the CPU spikes are not because of your router process switching everything. One issue I did see was all of your ACL's and Policy Based Routing that you have on your router. I am sure you are in a production environment but the first chance you can, I would recommend you cutting those all the way down to just one functional test group (1 - 10 IP's that can pass in and out of your router). Your config is nice, but I think for your 1841 you are just doing too much. You may need a router with a little more power. Do a test without all of your ACL's and Route-maps and see if your throughput increases. If it does then the issue is your router is just under powered and you need a bigger model. Maybe a 3800 series. If not then we can continue troubleshooting.
-Toby
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide