04-11-2008 04:48 PM - edited 03-03-2019 09:31 PM
We have 4 1410 bridges between 2 buildings (point to point). each set of bridges sits behind an 1841 router that is helping us with load balancing across both bridges and doing VPN tunnels. Anytime we do a file copy (30mb or higher) the CPU on the router jumps up to 60+% and the performance dies on the bridge, even EIGRP hellos are not making it through so it removes the neighbor and causes a couple second outage. I am not sure if it just the 1841 not being able to handle this or something else. I am using CEF per-destination with EIGRP and doing 3des-md5 tunnels between each set of bridges. It seems there is really no config needed for cef per-destination, just turning on cef takes care of that. If it is the router, what router can handle 108mb/s of load-balanced, vpn encrypted traffic.
Solved! Go to Solution.
04-11-2008 08:37 PM
Hi, as you noticed, the problem is not the VPN, but the CPU performance itself. The 1841 is a small wan router and is not apt for sustained LAN to LAN usage. I was suggesting a L3 device because it does wire-speed routing, but of course doesn't do VPN.
Attached a document with info on router performance. The embedded VPN module is adequate for most uses and does not requires upgrade.
Hope this helps, please rate post if it does!
04-11-2008 08:03 PM
Hi, that cpu usage for the 1841 is normal under sustained network usage. You would need a bigger router to be sure you can make the copies at high speed. else if yuo can do without the vpn tunnels and only rely on wireless encryption, you can use a L3 switch as small as a 3560-8PC that allows wire-speed on all ports plus and routing protocols, etc.
Hope this helps, please rate post if it does!
04-11-2008 08:05 PM
Thanks, the customer requires the VPN. We tried turning it off and still saw the processor on the 1841 running between 50-60% when transferring several 100mb files across the wireless. Any suggestions on what would be a better router (was thinking maybe 2821), is the VPN AIM module necessary?
04-11-2008 08:37 PM
Hi, as you noticed, the problem is not the VPN, but the CPU performance itself. The 1841 is a small wan router and is not apt for sustained LAN to LAN usage. I was suggesting a L3 device because it does wire-speed routing, but of course doesn't do VPN.
Attached a document with info on router performance. The embedded VPN module is adequate for most uses and does not requires upgrade.
Hope this helps, please rate post if it does!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide