Re: slow network

tmssupport · ‎10-10-2008

We have various small branches with cisco 26xx/16xx series connecting to the head Office Cisco 2621 via IPVPN.

Lately, the users are complainig of slow response.

Please advise the ways to diagnose and monitor the traffic.

thiru.vel10 · ‎10-11-2008

Could you please let us know this 2621 router have the hardware VPN accelerator? If you using software crypto engine means it will take more cpu process due to that your performance will be slow. For this upgrade the IOS with IPSECservice

tmssupport · ‎10-12-2008

The network had been working fine until lately.

The IPVPN is provided by the ISP.

The routers are configured with BGP & OSPF for dynamic routing.

Below is the router config :-

interface FastEthernet0/0

ip address 192.168.20.24 255.255.255.0

no ip redirects

duplex auto

speed auto

standby 1 ip 192.168.20.34

standby 1 preempt

standby 1 track FastEthernet0/1

standby 2 ip 192.168.20.33

standby 2 priority 95

standby 2 preempt

!

interface FastEthernet0/1

ip address 172.16.1.1 255.255.255.0

no ip redirects

duplex auto

speed auto

!

router ospf 100

no log-adjacency-changes

summary-address 202.x.y.0 255.255.255.0

redistribute bgp 65000 subnets

passive-interface FastEthernet0/1

network 192.168.20.0 0.0.0.255 area 0.0.0.0

!

router bgp 65000

bgp log-neighbor-changes

network 192.168.20.0

network 192.168.21.0

network 0.0.0.0

timers bgp 10 40

redistribute connected

redistribute static

neighbor 202.x.y.217 remote-as 9255

neighbor 202.x.y.217 ebgp-multihop 3

neighbor 202.x.y.217 route-map MED-10 out

no auto-summary

!

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.20.31

ip route 192.168.21.0 255.255.255.0 192.168.20.31

ip route 202.x.y.216 255.255.255.252 172.16.1.2

no ip http server

!

access-list 10 permit 0.0.0.0

access-list 10 permit 192.168.21.0 0.0.0.255

route-map MED-10 permit 10

match ip address 10

set metric 10

!

snmp-server community public RO

snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps tty

Please advise.

regards,

sschulak · ‎10-11-2008

check cpu

show proc cpu hi

show proc cpu sort

check interface for error and duplex

show int | i rel

show int | i err

look and see if all arp entries have same timeout, they should all be varied

sho ip arp

check circuit utilization

set load-interval to 30 on all interfaces

check for DE bits if you have frame-relay

show frame pvc

configure netflow top talkers

configre ip nbar application discovery

verify there are no mtu problems

run extended ping from router to router at 1500 bytes with df bit set

post the output of all of this and I can probaly point out something

sschulak · ‎10-12-2008

try also looking at the desktop its self, go throught and tune the OS to run faster, chances are they have a bunch or programs running in the background, themes, multiple personal FWs, click start then run and type in msconfig and go through and click on the startup tab and uncheck everything not needed, then click on services tab and stop the services not needed.

lastly turn on ip netflow top talkers and configure the load-interval on all interfaces to 30 so you can see if there are data bursting spikes, when there is a spike issue the show ip flow top command and find out what system and application is bursting. There are many ways to control bursting apps , CAR policy on interface would be easy