Cisco WAN :: 2821 - Lost Traffic When Multilink Drops T1
Feb 14, 2012
MPLS customer with 4 T1s in a multilink. If one of the T1s drops there is a brief delay in traffic picking back up and I actually lose packets from premise back to CO. You can see this loss both with pinging across the circuit and with techs on either end running JPerf. It can take as long as 6 seconds for the reconvergence to actually happen on the multilink and traffic picks back up. In my experience this is normal behavior for Mulitlinks
I'd also like to note that it is indeed much quicker reconvergence when you physically pull the T1, any of the T1s, rather than administratively shutting down one of them and I understand that the hardware is quicker than software and that's a good thing, obviously. I've tried this with and without ppp mulitlink fragment disabled on either end and every other combo between the two. Each of the 4 serial interfaces are on line timing and I tried free-running just on the off chance that it could imrpove the loss, but it gets worse.....back to line timing. I've even tried this on other CPE platforms like two different versions of Adtran CPEs and I get the same thing. Currently I have a new 2821 CPE in place and still get the same thing. Still see a brief amount of traffic loss up to 6-7 seconds or so at times.
7600 side:
interface Multilink592
ip vrf forwarding ******************
ip address *************************
load-interval 30
no peer neighbor-route
ppp multilink
ppp multilink group 592
ppp multilink fragment disable
no cdp enable
service-policy output VPN-TEMPLATE-2(code)
View 6 Replies
ADVERTISEMENT
Feb 18, 2013
I have a Cisco 2821 with two serial interfaces bundled using PPP multilink. I want to monitor traffic flow (net flow) on the multilink interface. I have tried configuring ip route-cache flow/ ip flow ingress / egress but no luck.The other thing is when I do sh ip cache flow I guess I should see the multilink interface in both Source and destination columns which is not happening (not showing in destination column).The other router with same config but with ATM sub-interface working properly (same IOS). Are there any hits on this ? Also, is it possible to use SPAN feature ? The monitoring server is at some other site (coming via WAN).
View 1 Replies
View Related
May 8, 2012
I have configured multicast (ip pim dense-mode) on two 2911 routers that are connected by a Multilink (3Mbps) Wan connection.The configuration work fine for awhile and sometimes all day but at some point one of the Multilink interfaces stop passing multicast traffic.I perform a sh multilink 1 on the interfaces and one interfaces show the multicast packets incrementing and the other does not, it just stops.The only fix for this is to hard reboot both routers and the multicast traffic begins to flow once again.
View 3 Replies
View Related
Dec 11, 2010
We have cisoc 2821 at one of branch and created five sub inetrfaces for different vlans.Output of Show interface shows very frequent increase in the input error count.I have changed the physical cable and switch port on the other side.But still error rate is increasing.When the traffic is less error rate is low but with high traffic it is increasing drastically.My router process is very less(4%) only.What could be possible reason. [code]
View 8 Replies
View Related
Jan 23, 2012
i have 2 routers, 2821 and 2811. they are connected via GRE over IPsec, and all of the traffic from 2821 is being routed to 2811 with a default route to its tunnel interface. 2821 needs to access internet through 2811 valid ip address, my question is that how should i nat the traffic on 2811 so that 2821 can access the internet?
View 1 Replies
View Related
Apr 19, 2010
I have a 2821 router with two T1 WICs and have the need to route FTP down one T1 and all other TCP traffic down another T1. All traffic is going to the same remote IP address. The remote sites are in different states, and I assume that the remote subnet is being bridged between the states. It's kind of a weird set up, but it's not my design.
Anyway, can I use a route map to split off FTP traffic to host A and send it down one T1 and have the rest of the IP traffic to host A go down the other T1? I also need to be able to have all traffic use one T1 in case the other T1 goes down.
My first thought was to static all IP down T1-1, then route map FTP traffic down T1-2, then have a floating static for all IP traffic down T1-2 with a higher metric. But something would have to track the T1 interfaces and I'm not sure if route maps or static routes can do that. Any thoughts on this?
View 2 Replies
View Related
Nov 2, 2011
i want to monitor interface traffic in/out by eem and the if the values is overer than some value i will change the policy. for example my router is 2821 is have 2 fastEthernet port , i want to monitor the traffic on fasE1/0 if traffic over than 80Mbps i will change some configuration ( example: change next-hop on static route) for via traffic to interface fasE1/1 for reduce the traffic on interface fasE1/0?
View 6 Replies
View Related
Mar 8, 2012
I have a Cisco 2821 with ios Version 12.4(21). On that router I have a WAN link that is 550mbit dual. The interface is 1000FD so i need to shape my output traffic to max 550mbit - otherwise my ISP policing is dropping the traffic.
I've looked at this document url... and i'm trying to use this interface command:traffic-shape rate
But the router wont accept rate value 550000000 that should be 550mbit in bits/s
Is it not possible to shape the traffic to 550mbit on the 2821 router?
View 10 Replies
View Related
Mar 28, 2011
I'm using a Cisco 2821 router to provide temporary Internet access for a private network of about 300 users for a conference at a hotel. The hotel has provided me a public IP address for the WAN side. On the LAN side I have a 10.x.x.x /8 subnet with the router providing DHCP and NATing (overload) across the WAN interface.
Users can pick up an IP address and access the web. Light web pages such as Google tend to load without issue, however if a user does something that takes more time, such as streaming a Youtube trailer or opening an RDP session, the connection will freeze.
It doesn't appear to be related to bandwidth availability. Pings return on average 10-15 ms. However, I will get a request time out about every 10th continual ping. Steaming video will load about 4-6 seconds worth of data, then will appear to freeze without dropping. Doing something like speedtest.net will send a large amount of data then will hang, without ever ending the conversation.
This doesn't happen when I plug a laptop directly into the hotel public Internet line. They also don't have issues with their network similar to this.
I do not have any ACLs, etc. loaded. The router is basically wide open as far as I can tell. I don't see the router resources getting used much at all.
View 1 Replies
View Related
Feb 29, 2012
I have hooked up to the Cisco 2821 router a T1 on Serial and Cable Modem to GigEth0/1 and I want to split outbound traffic so that all regular users will use G0/1 interface for web traffic and the rest of the traffic stays with the T1. I am having an issue where the users on the network are not able to use the internet when using the following config:
!
interface GigabitEthernet0/0.10
description Data
encapsulation dot1Q 50
[Code].....
View 11 Replies
View Related
Jan 5, 2012
On a 2821 Router with 15.1(3)T1
I have an IPSec VPN and NAT configured. Return traffic from an internal NAT host seems to be blocked by the WAN inbound ACL. What is the proper way to allow return traffic from the Internet for this internat NAT host? Note: As a test, removing the deny entry on the WAN ACL allows return traffic.
View 7 Replies
View Related
May 5, 2011
why I would see packet loss when BGP comes back up.We have 2 ASR1006's both running full tables of BGP to the same upstream ISP. We load balance the 2 links to them. the ASR's have an OSPF connection between them.When one pipe goes down we see not packet loss; however, when that pipe comes back up we see packet loss until the BGP table fully loads in that router again.
View 1 Replies
View Related
Aug 23, 2011
We have a 100 Mbps WAN circuit, we have configured an IPsec tunnel between ASA 5520 and Cisco 3845 Router for our DR site replication via Veeam Backup and Replication, it was working fine before, when we established the 3DES tunnel the traffic for certain subnets is dropped after an hour and it stops the replication, although tunnel remains up and we can access the other subnets, as soon as we clear the crypto SA and ISAKMP sessions on the firewall the traffic starts flowing again and then after an hour the traffic is dropped again.So far the testing and differnet configurations we tried are as under.
Tried with a different MTU size both on firewall and ESXi servers but nothing happened.Their is no QOS configuration.Checked the utilization on both ends its Noram although their are subsequent 100% spikes on Cisco 3845 but on average it remians at 30-40%.
View 6 Replies
View Related
Oct 3, 2010
We've got a cisco 2821 router which periodically stops routing all traffic. It seems to happen about once every 2 weeks, and I can't find anything that could be causing it. There are no entries in the log and the router stays up and running but requires a restart to begin processing traffic again. We're running 12.4(13r)T11.Any thoughts, or troubleshooting steps to track this down?
View 7 Replies
View Related
Apr 11, 2012
We have a switch gc2960. It has ports configured on vlan 27 and vlan 29.It is connected to switch ch3550. It has presence of vlan 27 vlan 29 and also vlan 18 and several other vlans.Our internet firewall is connected to ch3550. It is a fortinet product, so this is not indicated on the diagram.
When the two switches were connected on vlan 29 access ports, pc's on vlan 29 on gc2960 worked as expected. vlan 27 clients of course did not work.When we switched the connecting ports to trunk ports, some weird stuff happened. Clients on gc2960 on vlan 29 could ping and resolve dns, but not browse the intenet. The same was true for clients on gc2960 vlan 27. We verified that packets from the web were coming in through the firewall. What we were thinking, is that they somehow were not being tagged to vlan 29 even though we were trunking.
When we set native vlan 29 on the trunk, then clients on gc2960 vlan 29 operated as expected. However, clients on gc2960 vlan 27 are still having this problem, we can ping and resolve dns but not browse.Consider the other switch ch2960-jstreet which has presence of vlan 18 and vlan 27. It is also connected on trunk to ch3550. We are not using native vlan on this trunk, and traffic works as expected.Is the lack of presence of vlan 18 a factor as to why gc2960 is not receiving the tagged packets correctly? Should the interface vlan18 on gc2960 have an ip address on the vlan 18 network?
View 5 Replies
View Related
Feb 26, 2006
I have three E1 as a part of Multilink group. If any one goes down. loadbalancing between the rest of the two E1 does not work...
View 2 Replies
View Related
Mar 7, 2012
I have a Cisco 1841,c1841-ipbase-mz.124-20.T4.bin, with 2x HWIC-1ADSL-M.I have managed to bond 2x DSL with PPP multlink with the config below and traffic is being sent equally across both DSL circuits. However if i disconnect either of the DSL cables connectivity fails. I was expecting connectivity to continue to work just over the one circuit. [code]
View 1 Replies
View Related
Jun 15, 2011
I think I have my PPP multilink setup correctly. Though I am getting AL lights on one of my connections via a VWIC2-2MFT-T1/E1 card. One AL light is on at each location. Though I checked with my ISP and they said it was my network cables as everything looked good on their end. Currently one T1 circuit is connected at each end so users do not see a disruption. This is a new install with two routers and the config is shown below.
Router 1-----
controller T1 0/0/0
cablelength long 0db
channel-group 0 timeslots 1-24
(code)
View 1 Replies
View Related
Feb 6, 2013
I have two Cisco Routers 3800 series for my internet traffic (2 ISP). I configure HSRP on the interfaces gigabitethernet and at the main router I put the multilink interface to track. When the connection drops to the main router traffic does not switch on my second router.
View 1 Replies
View Related
Apr 3, 2003
Customer site connected to a PE using 2 x E1 circuits aggregated using Multilink PPP. The CE is a 1760, and the PE is a 7206. This is the customer HQ site.
Connected to the same PE are three other sites from the same customer. Each is connected with a single E1, again each CE is a 1760.
During some testing the customer did some large file transfers concurrently from each of the three remote sites into the HQ, so we had data coming into the PE via the three E1's (6Mbps) and then being routed onto the 4 Mbps Multilink PPP interface into the HQ, which is a potential bottleneck. This test failed miserably with packets being dropped on the output interface on the PE facing the HQ.
But then if Multilink PPP encap is removed, and we just connect the HQ using one E1 with HDLC encapsulation, the test works, even though we have half the bandwidth to the HQ, so an even greater potential bottleneck.
View 5 Replies
View Related
Jul 18, 2011
I am looking for any other compression methods I can use for my PPP multilink connection. The PPP multilink compression is composed of two T1 lines. There are no slip sec errors or packet errors that I saw recently. R1 is a 1911 and R2 is a 2911.
R1 sh compress:
Multilink1
Software compression enabled
uncompressed bytes xmt/rcv 184340310/27355186
compressed bytes xmt/rcv 126395743/14139585
Compressed bytes sent: 126395743 bytes 774 Kbits/sec ratio: 1.458
[code]....
View 5 Replies
View Related
Oct 16, 2011
I have a question regarding mlppp and bonding mpls T1 circuits. For the longest time we have been able to get by on one T1 circuit coming into our 3845 router. Well this T1 has now become congested and they are wanting to add bandwidth to this T1. We connect to the phone company via an MPLS T1 currently. So now it appears as though we are going to purchase another MPLS T1 circuit and bond the two T1's together. The way our network is currently set up, we utilize the same AS number on all of our remote routers regardless of location. Keep in mind I don't have any sort of mlppp set up at this moment, so unfortunately I can't post any configs. I'm just questioning the design portion and how to go about doing this.
Here is where my dilemma begins........
For every MPLS circuit we order on the remote end, we specifiy an IP for the remote router itself and one for the provider to assign to their equipment (the bgp neighbor statements). Now granted i'm no BGP extraordinaire, not even a novice really, but I don't understand how I am going to bring two T1 circuits into the same router (basically with 2 pairs of IP's). In order to bond the two T1's together, i'll need to create a multilink interface and assign an IP to that, but yet I still have 2 SETS of ip addresses. And if that isn't enough of a dilemma, I also need to spedify a neighbor statement in order for my AS to bind to the adjacent provider AS, but yet I have two IP addresses for that as well.
View 2 Replies
View Related
Oct 15, 2012
I am configuring ISDN Interface on 2 Cisco 886VA Version 15.2(3)T . I am unable to set ppp multilink on the BRI0 interface and on the dialer interface. It's like the command doen't exist anymore.How can I fix that so that i can have 128 K bandwidth between ma 2 sites ?.
Router1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#int bri0
Router1P(config-if)#ppp multilink
[code]....
View 2 Replies
View Related
Jan 5, 2011
We have 4 data T1s providing our office with 6Mbs of internet bandwidth.I have been trying to track down the reason(s) for the steadily increasing frame and abort errors on the Multilink interface of our new router.We have a new 2961 with 2 2 port T1 interface cards (VWIC2-2MFT-T1/E1).
At first it looked like the T1s were completely clean, but after diving down a bit the last of the 4 T1s does appear to have a decent amount of slip and error seconds.Is that something that would cause the Multilink interface to show input, frame, and abort errors?Any config or debug commands I should start with to narrow down what might be causing this problem?
Config snippets:
card type t1 0 0card type t1 0 1!controller T1 0/0/0clock source internalcablelength short 440channel-group 0 timeslots 1-24description HCFD-XXXXXX!controller T1 0/0/1clock source internalcablelength short 440channel-group 0 timeslots 1-24description HCFD-XXXXXX!controller T1 0/1/0clock source internalcablelength short 440channel-group 0 timeslots 1-24description HCFD-XXXXXX!controller T1 0/1/1clock source internalcablelength short 440channel-group 0 timeslots 1-24description HCFD-XXXXXX!interface Multilink1ip address X.X.X.X 255.255.255.252ip nat outsideip virtual-reassemblyppp multilinkppp multilink group 1ppp multilink fragment disable!interface Serial0/0/0:0description T1 : HCFD-XXXXXXno ip addressencapsulation pppppp
[code]....
View 2 Replies
View Related
Nov 1, 2011
I just finished setting up a bundle of (2) T1's in a multilink bundle and I'm having issues with one of the T1's not wanting to join the bundle.
The router I'm using on the remote office location is a 3620 router running code c3620-i-mz.121-1c.bin
The campus router which is a 7206 is setup the same exact way with multilink 240 and like I've said, serial 0/0 is joined to the bundle just fine, so we are running off one T1 connection.
The serial interface that is not working is: serial 0/1
Here is a show-run:
interface Multilink240
ip address 172.18.xxx.xxx 255.255.255.252
ip route-cache flow
ip ospf network point-to-point
service-policy output PhonesFirst
ppp multilink
[code].....
View 3 Replies
View Related
Jun 11, 2012
One of my customer has raised a new requirement for implementation of short sequence number format support in PPP multilink header for Cisco MWR 2941 E1/T1 serial interface, whereas router is supporting long sequence number format.here is the output of "debug ppp negotiation" command:-Currently in the MWR debugging logs we can see that by default MWR is sending long sequence header format as below
*Mar 13 01:32:55.438: Se0/2:0 LCP: O CONFREQ [REQsent] id 238 len 25
*Mar 13 01:32:55.438: Se0/2:0 LCP: MagicNumber 0x26CDF693 (0x050626CDF693)
*Mar 13 01:32:55.438: Se0/2:0 LCP: MRRU 1500 (0x110405DC)
*Mar 13 01:32:55.438: Se0/2:0 LCP: EndpointDisc 2 16.16.16.11 (0x1307021010100B)
*Mar 13 01:32:55.438: Se0/2:0 LCP: MultilinkHdrFmt seq long classes 2 (0x1B040202)
While as per the requirement PPP multilink header should support short sequence.
MWR configuration:
controller E1 0/2
framing NO-CRC4
clock source line
channel-group 0 timeslots 1-31
[code]....
View 0 Replies
View Related
Mar 10, 2011
We are looking to implement traffic shaping/policing primarily for P2P traffic. As natively the ASA5550 is only capable of p2p inspection if the traffic is tunneled via port 80 is the AIP-SSM the way forward? We have 2 5550s in active/active failover config. As a side note we are also looking to implement an IDS/IPS system so could this module cover all?Is this module going to provide the desired outcome or is there another module/device out there better suited for this? I would prefer to use the ASA5550s as opposed to implementing another product if only that we can make use of the investment we already made on these devices.
View 1 Replies
View Related
Nov 27, 2012
I am testing limit bandwith using my ASA 8.2, i am trying to limit internet access for certains users , i order to save Bandwith for the important things but i can´t get any limitation
My configuration is the following, the acces list is just for my pc in order to test, and the service policy is applied to outside interface (called internet in my case) for incoming traffic
access-list Internet_mpc_1 extended permit ip host 172.16.127.70 any class-map Internet-class-TEST match access-list Internet_mpc_1 policy-map Internet-policy-web class Internet-class-TEST police output 1024000 1500
service-policy Internet-policy-web interface Internet
With show service policy i can´t see any activity on the policy , but if i do a similar configuration for inside interface outgoing traffic i can see packets allowed and dropped
View 3 Replies
View Related
Apr 29, 2012
I have an ASA 5520 with the below config
Gi0/0: outside (Internet)
Gi0/1: inside (Internal users)
Gi0/2: DMZ (web servers, ftp, Mail etc..)
I have a SMTP relay deployed on the DMZ for mailing. I have also a mail servers installed in the internal lan,
I want to allow trafic from dmz to reach internal lan, and i want normally also allow stmp relay from dmz to reach Internet.
How can i block trafic from DMZ to reach Internal Lan (instead of smtp) if the to allow trafic from dmz to internet i must put ANY in the policy?
For allowing trafic from DMZ to reach Internet, the policy must be DMZ -----> ANY ----->Services., this policy means DMZ can implicity reach Internal Lan?
View 2 Replies
View Related
Mar 19, 2013
We have a Cisco 2811 running ITP IOS. On that router we run the SMPP service. A client on the network connects to this service, and we need to capture the traffic for debug.
I've tried traffic-export, but I cannot see any outbound traffic.I'm guessing that this is due to the fact that the outbound SMPP traffic is not transit traffic as it is generated by the router itself.
Is there any way to capture the outbound traffic?
View 4 Replies
View Related
Aug 4, 2011
I am trying to come up with the best way to traffic shape traffic with 3750 Me switches. the traffic will be coming from a 6504 Sup-7203b downstream and going out the wan. Core---L3---->6504--intvlan80--trunkport to--->3750Me---g/1/1/1-trunkport to---MetroE network--->int f0/0.80--branch router. The idea is to use the 3750 to traffic shape the traffic going towards the wan/branch to 500 to match the contracted rate and then to use qos on shaped rate. I tried to apply it to g1/1/1 using port based policies but it did not shape the traffic. I changed everything to IP interfaces and it worked. I need to break up the metroe into different vlans so I can bring branch offices in on different vlans.c
View 3 Replies
View Related
Dec 6, 2011
I have router cisco 2821 wit IOS version 12.4(25d) I also have Cisco AIM-VPN/SSL-2 Encryption Module for this router.I inserted this module in AIM slot 0 but can not see it. [code] What should I have to change to enable this module?
View 2 Replies
View Related
Mar 27, 2013
I have an existing C2821 router (2 onboard GE + 1 HWIC-2FE) currently. Like to add another 1 HWIC-2FE. Saw this doc on Cisco website which states Max of 2 HWIC-2FE for Cisco2821. Want to confirm this is indeed so as another link states max of 1 HWIC-2FE.
View 3 Replies
View Related
