I have a 16/4 connection from Comcast. When plugged directly into the comcast modem downloads truck at 2-3meg/sec. However if I go on the other size of my 1841 router (also routing an MPLS) things will fly for a few seconds and then stop cold. You can restart 10-15 times and each time get a few meg into the download and stop at different points each time. Any idea whats up? How do I begin to debug a problem like this?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
1841 router chokes on fast downloads...
- Thread starter nmessick
- Start date
imbadatthis
Technical User
maybe its congestion ?
are you running any policing on this? doesn't sound like shaping as it would try to buffer and keep it at some steady speed.
any qos on this router?
post config
We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
are you running any policing on this? doesn't sound like shaping as it would try to buffer and keep it at some steady speed.
any qos on this router?
post config
We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
- Thread starter
- #3
Its an MPLS router on S0 to a remote location, internet router/VPN for teleworkers, and routes the data/voice subnets locally. There is QOS for VOIP on the MPLS, but thats about it. I did notice the "Web-QOS" policy set to policing....! I'm not totally sure why thats there. Some of this is left over from other configerations.
show run
Building configuration...
Current configuration : 23526 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 52000 warnings
logging console critical
!
!
!
aaa session-id common
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip source-route
ip cef
!
!
ip inspect name ping icmp
ip inspect name ping tcp
ip inspect name ping udp
ip inspect name ping dns
ip inspect name ping microsoft-ds
ip inspect name ping ms-cluster-net
ip inspect name ping ms-dotnetster
ip inspect name ping ms-sna
ip inspect name ping ms-sql
ip inspect name ping ms-sql-m
ip inspect name ping msexch-routing
ip inspect name ping netbios-dgm
ip inspect name ping netbios-ssn
ip inspect name ping r-winsock
ip inspect name ping clp
ip inspect name ping cisco-net-mgmt
ip inspect name ping cisco-sys
ip inspect name ping cisco-tna
ip inspect name ping cisco-fna
ip inspect name ping cisco-tdp
ip inspect name ping cisco-svcs
ip inspect name ping stun
ip inspect name ping tr-rsrb
ip inspect name ping dbcontrol_agent
ip inspect name ping giop
ip inspect name ping net8-cman
ip inspect name ping orasrv
ip inspect name ping oem-agent
ip inspect name ping oracle
ip inspect name ping oraclenames
ip inspect name ping oracle-em-vp
ip inspect name ping rdb-dbs-disp
ip inspect name ping rtc-pm-port
ip inspect name ping ttc
ip inspect name ping citrix
ip inspect name ping citriximaclient
ip inspect name ping ica
ip inspect name ping icabrowser
ip inspect name ping cddbp
ip inspect name ping dbase
ip inspect name ping mysql
ip inspect name ping sqlsrv
ip inspect name ping sqlserv
ip inspect name ping sqlnet
ip inspect name ping ftp
ip inspect name ping ftps
ip inspect name ping kermit
ip inspect name ping uucp
ip inspect name ping tftp
ip inspect name ping nfs
ip inspect name ping telnet
ip inspect name ping telnets
ip inspect name ping rtelnet
ip inspect name ping rcmd
ip inspect name ping ssh
ip inspect name ping sshell
ip inspect name ping pcanywheredata
ip inspect name ping pcanywherestat
ip inspect name ping x11
ip inspect name ping xdmcp
ip inspect name ping entrust-svcs
ip inspect name ping entrust-svc-handler
ip inspect name ping n2h2server
ip inspect name ping realsecure
ip inspect name ping creativeserver
ip inspect name ping creativepartnr
ip inspect name ping cifs
ip inspect name ping fcip-port
ip inspect name ping hp-alarm-mgr
ip inspect name ping hp-collector
ip inspect name ping hp-managed-node
ip inspect name ping irc
ip inspect name ping irc-serv
ip inspect name ping ircs
ip inspect name ping ircu
ip inspect name ping ipass
ip inspect name ping netstat
ip inspect name ping nntp
ip inspect name ping tarantella
ip inspect name ping ncp-tcp
ip inspect name ping iscsi-target
ip inspect name ping iscsi
ip inspect name ping send-tcp
ip inspect name ping sms
ip inspect name ping webster
ip inspect name ping who
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW ntp
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW ftps
ip inspect name SDM_LOW tcp alert on audit-trail off
ip inspect name SDM_LOW udp alert on audit-trail off
!
!
ip ips sdf location flash://128MB.sdf
ip ips notify SDEE
ip ips name sdm_ips_rule
no ip bootp server
!
!
!
crypto pki trustpoint TP-self-signed-1438219780
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1438219780
revocation-check none
rsakeypair TP-self-signed-1438219780
!
crypto pki trustpoint tti
revocation-check crl
rsakeypair tti
!
!
crypto pki certificate chain TP-self-signed-1438219780
certificate self-signed 01
3082023F 308201A8 A0030201 02020101 300D0609 2A864886 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
quit
crypto pki certificate chain tti
!
!
class-map match-all webqos
match access-group 110
class-map match-any voice-signaling
match ip dscp cs3
match ip dscp af31
match ip dscp af41
class-map match-all tcp_traffic
match access-group 110
class-map match-any voice
match ip dscp ef
match ip precedence 5
!
!
policy-map WebQOS
class tcp_traffic
police 150000 280000
policy-map voice-qos
class voice
priority percent 20
class voice-signaling
bandwidth percent 5
class class-default
fair-queue
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key xxx address xxxx 255.255.255.0
crypto isakmp key xxx address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to 10.1.10.10
set peer xxx
set transform-set ESP-3DES-SHA
match address 108
reverse-route
!
!
!
interface Null0
no ip unreachables
interface FastEthernet0/0
description "Data Subnet"
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip flow egress
ip route-cache flow
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/0.1
description $FW_INSIDE$$ETH-LAN$
encapsulation dot1Q 1 native
ip address 192.168.2.1 255.255.255.0 secondary
ip address 192.168.2.200 255.255.255.0
ip access-group 104 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no snmp trap link-status
!
interface FastEthernet0/0.2
description $ETH-LAN$$FW_INSIDE$
encapsulation dot1Q 2
ip address 192.168.4.1 255.255.255.0
ip access-group 105 in
ip helper-address 192.168.2.1
ip helper-address 192.168.2.5
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
no snmp trap link-status
!
interface FastEthernet0/1
description Internet$FW_OUTSIDE$$ETH-LAN$
ip address 10.1.10.185 255.255.255.0
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip inspect SDM_LOW in
ip inspect SDM_LOW out
ip flow ingress
ip flow egress
ip ips sdm_ips_rule in
ip ips sdm_ips_rule out
ip nat outside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1460
duplex auto
speed auto
random-detect
no mop enabled
crypto map SDM_CMAP_1
!
interface Serial0/0/0
description "T1 to xxx"$FW_INSIDE$
ip address xxxx 255.255.255.252
ip access-group 102 in
ip helper-address 192.158.2.95
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip nat inside
ip virtual-reassembly
ip route-cache flow
service-policy output voice-qos
!
router eigrp 1
network 192.168.2.0
network 192.168.4.0
no auto-summary
!
router rip
version 2
network 192.168.2.0
network 192.168.4.0
no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.10.1
ip route 192.168.1.0 255.255.255.0 x
ip route 192.168.3.0 255.255.255.0 xxxx
ip route 192.168.5.0 255.255.255.0 xxxx
ip route xx255.255.255.255 xxx
ip flow-top-talkers
top 50
sort-by bytes
cache-timeout 5000
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
ip nat inside source route-map SDM_RMAP_2 interface FastEthernet0/1 overload
!
no logging trap
ACL's Removed.
no cdp run
route-map SDM_RMAP_1 permit 1
match ip address 109
!
route-map SDM_RMAP_2 permit 1
match ip address 111
!
!
!
control-plane
!
banner login
!
line con 0
transp
- Thread starter
- #4
- Thread starter
- #6
- Thread starter
- #7
- Status
Similar threads
- Locked
- Question