Cisco WAN :: OC-24 Throughput Through Private Line
Nov 22, 2012
we have one OC-24 private line between our data centers. we are looking to get best throughput but we get max. avg throughput of 300Mbps with peaks of 800Mbps throughput. i.e. we transfered 2TB of data over this link and we got average throughput of 300Mbps with peaks of 800Mbps.
we should at least be getting 800Mbps throughput since we have OC-24 (1244Mbps) private line. we contacted our ISP but they said there isn't any problem in private line from ISP side. what can we do to increase average throughput?
I have two sites connected via 2901 routers to a head end with an ASA 5510, the WAN circuits are LES running at 100MB and at the head end we have a 100MB leased line. All WAN circuits are provided wires onlyby another supplier. I have setup the two 2901 routers with inside IP addresses on GE0/0 and a /30 subnet for the GE0/1 interfaces to the ASA over the LES circuit.
The LES circuits are set to 100MB but the problem I am having is that one of the 2901s will only negotiate at 10MBps Half Duplex with the ASA at 100MB Half Duplex, the other will negotiate at 100MBps Full Duplex at both ends. My WAN provider tells me both LES circuits are the same so I cannot work out why one will negotiate at 100MB Full and the other at only 10Mb Half.
At the head end I have and ASA 5510 connected to the WAN providers 100MB circuit but testing from my end sites I can only get 6MB download and 0.5MB upload on an Internet Speedtest.
I used Wireshark when downloading from my end sites and I can see lots of TCP retries and duplicates so I think this is a duplexing issue, my question is, my WAN provider is stating the issue is nothing to do with them and it is my 2901 and ASA that is at fault, they state if they connect a laptop to the LES circuit and then their leased line they get 100MB up and down.
The reason is i want to know the difference between the leased line and the DSL line. The whole thing behind the confusion is, We plan to have a high speed internet connection in our office. We will don't have a branch office or some thing like that. I preffered to have high speed internet in our office. I found in some website that Lease line will have high speed connectivity(Upto 10Gbps). Can i use the lease line or DSL is enough for our office. Our office contains of 82 user who will use internet.
We have a 1841 setup with WAN and LAN subinterfaced(2 WAN connections, 1 internal VLANs) and I am recieving some pretty horrible throughput when traversing the router to the WAN.
I am receiving about 2 MBPS down but around 5 up.Currently there is a ACL on the WAN interface, and as well we are running NAT NVI. It is possible that this might have something to do with it, but I am not sure.
Most of the CPU is going to IP input however I cannot seem to determine the cause. One thing I am thinking is the overload for NVI is using a route-map. Could that cause it to process switch instead of fast/CEF switch?
My first wireless router, which I still have and works perfectly, was a DIR-601, A1, fw v1.00na. It has always been reliable and worked great, save for being a little weak on the signal range. Back when I got it I knew little about networking period, let alone wireless routers- so I never tweaked anything on it. Now it's almost 4 years later. Being a little more knowledgable, and my family creating A LOT more traffic on my network, I decided some upgrades were in order. First I called COX to upgrade my speed too, which led me to having to purchase a new Motorolla SB6121 modem- and everything was great. However, aside from the same old dead spots in my house, I was starting to realize the limitations of my 601 with regards to handling the traffic load. Since I never had an issue with my 601, I decided to stay loyal to D-Link. After, albeit, a small amount of research... I decided on the 655. It fit the budget, and I read some decent reviews on it regarding gaming. Plus, from what I've read, I didn't really see any benifit to justify a dual band router for what I do. Anyway, my new 655, B1, fw v2.05NA has solved all of my wireless issues and handles our traffic perfectly, except for one slight problem- my wired PS3. I have Cox ultimate, which here in Nevada is up to 150Mbps, and wired my laptop is getting 107Mbps download- pretty consistently with the 655, and around 100 with the 601. My PS3 on the other hand, went from 27 to 32Mbps wired with my 601, to only getting 8 to 15Mbps wired to the 655- and a lot of lag on certain online games. It seems that out of all of our devices, my PS3 is the only one that doesn't like the 655. I really hesitate to DMZ my PS because of the risks, but at this point I'm almost desperate enough to try anything. I hooked the 601 back up for now for the PS3 performance...but we are REALLY missing the wireless and traffic handling performance of the 655!!
When a physical switchport/routed port has high usage, you can move the link to a higher capacity port, upgrade the port, bond links, etc. What exactly do you do when an SVI has high usage? I guess you could remove some servers from the VLAN, but that doesn't seem like a reasonable solution. What dictates the capacity of an SVI? The backplane of the switch?
We are looking at providing an ISR 819 for one of our customers using FTTC & 3G for failover .. However, I cant seem to find any recommended throughput guidence for the device? We could be looking at up to 80Mbps via the ethernet interface and I just dont know if the device will cope?
I have a Cisco 881 (without wifi model) connected to a 100Mb unmanaged switch and a cable modem with a 120Mb down, 10Mb up connection. When I connect the modem directly to my laptop, I can reach the 120Mb/s down and 10Mb/s upload speed. When I connect the modem to the 881, the max download is about 30Mb/s. Upstream 10Mb is no problem. I've been trying to change the duplex and speed settings on the FastEthernet4 interface, but this has only a worsening effect. I should be able to get about 100Mb/s (since switch is only 100) right?
We have multiple sites that have either fiber 20mb d/u or cable 50/10 d/u. Recently we have upgraded our head end router to a 2921 security based router and noticed that no matter if we are sending or receiving the most we can push is 1.6Mb. I would expect this number to be at least 8Mb for uploading and at least 18mb for downloading from other sites.I have included parts of my config and screen shots of bandwidth usage for troubleshooting. [code]
We've recently moved from using FiberChannel across an OC-48 between two data centers to GigabitEthernet. Data replication throughput has dropped from 700Mbps down to 45Mbps. The telco provider has demonstrated 1Gb throughput via UDP andTCP using T-Berts. However, when we connect two computers or servers, we do not get near the throughput performance.
The issue was about Cisco ASA5510 Sec Plus.2 Interfaces, LAN and DMZ.Both 1000 FD, no interface errors like CRC or something similar.If I start a data transfer (like FTP) or a data stream test (like Netperf), from DMZ to INSIDE I get a theoughput.If I start the same from INSIDE to DMZ (same hosts), i get a troughput almost ten times slower.If i do the same using netperf in UDP (not TCP) I get the same in both directions.
Do some have some realistic performance numbers for a ASA 5505 on a mixed setup with local internet breakout and site to site vpn ( and don't tell me 150 mbps 3des throughput on a 100 mbps ethernet) - what can be expected in a live environment where we f.ex feed it with a 100 mbps internet connection - with a site to site vpn with f.ex 20 office workers running office on a remote terminalserver and mixed local internet breakout.
We have 15 small branches with Cisco 881w in every office, they use VPN site-to-site to vpn- concentrator on V yatta. I launched cacti monitoring of cisco 881's CPU's Errors, Traffics, Non-uni cast, Uni cast. I see that on 10.00 pm in one brunch when nobody works there, CPU load reaches 50% and traffic rises up to 9mbs.
I have two NAS drives directly connected to my router. I am accessing them through my XP laptop's wireless connection. I am trying to copy a large volume of data from one to the other (28Gb).The problem I have is throughput. I am barely getting 250Kb/s from one drive to the other.Is there a way to speed this up?
recently we had some performance issues with C2811 which caused us to do some lab testing. For testing we used also C1812. The results were quite surprising for us, as the C1812 appeared to be more efficient than C2811. Below you can see the lab scenario and results.
1. Why C2811 is performing worse than C1812?
2. Is there any official Cisco reference stating what are the max VPN throughputs of certain platforms/models? (we consider migration to C2900 platform and would like to choose the right model)
as presented on the small diag:
All routers had enabled onboard hw VPN modules and SEC/K9 IOS ver. Configuration was very simple and beside encryption there were also GRE tunnels configured and EIGRP process for routing between "remote LANs". Part of conf responsible for encryption:
crypto isakmp policy 10 encr aes 256 authentication pre-share group 5 lifetime 3600crypto isakmp key ......... address ......... no-xauth!crypto ipsec transform-set SHA-AES256 esp-aes 256 esp-sha-hmac crypto map VPN 90 ipsec-isakmp set peer ......... set transform-set SHA-AES256 set pfs group5 match address .........
TEST RESULTS Cisco 1812Cisco 2811iperf generated BW [bps]WAN if BW (max of 30s avgs) [bps]CPU usage (max of 5s avgs)WAN if BW (max of 30s avgs) [bps]CPU usage (max of 5s avgs)500k--540k5%1M1,1M3%1,2M8%2M2,1M4%2,3M14%5M5,4M10%5,7M34%10M10,6M20%11,5M65%15M15,8M28%17M96%16M--17,2M99%25M27M48%--35M38M64%--45M48,2M72%--53M60,8M88%--59M67M94%--61M72M97%--
Any way to test throughput on a routed SG-300. I tried using iperf with netbook on VLAN1 to netbook on routed interface running @ 100mb. I was getting results as low as 40mb upto 200mb (sometimes even 2gb, I assumed these to be flukes). Since implementing it, the throughtput seems worse, I'm getting between 10 - 40mb of throughput. I have about 30 clients behind it routing across a 100mb leased link. I don't see why the SG300 shouldn't be able to do wire speed routing (upto 100 hosts). How to verify the expected throughput consistently?
I'm new to the Networking world and am trying to establish a base for my network. I'm running ASA 5510 8.4(4), how can I measrue throughput ? In the ASDM, there is a nice feature for CPU, and the command show CLI also provides good info about CPU, but how can I get the throughput on a port basis ?
I'm looking at replacing a CSS 11506 in a data centre with two Cisco ACE 4710 appliances. One thing that concerns me is the drop in throughput. The 11560 has a maximum throughput of 40Gbps while the ACE we are looking at is only 1Gbps. It seems that the 11506 is able to scale much better?Also, is it possible to run the two 4710s in an active/standby configuration?
Am looking at purchasing a router that is capable of serving a WAN bearer at up to 1Gbps. The 3945E has had good reviews as a high throughput router but the datasheets suggests performance of 350Mbps. It also states that additional performance can be ensured by adding SPE modules. Whether the 3945E could achieve up to 1Gbps with SPE modules?
If the 3945E can't achieve such performance, The key features I am after are:
IPV4 and IPV6 support L2tpV3 support BGP IP SLA 1Gb Copper Connections on-board with capability of at least 4 Ports
We are bonding two LLU DSL lines using MLP. Our LLU provider supports MLP bonding and we have a few other customers working well on Cisco 1841s, although not such high sync speed lines as this problem site.
So the lines work well with no interface errors and sync speeds are very good and evenly matched between the two lines (approx 14Mbps downstream). It's all good - it's great in fact except that it just doesn't work properly! By that I mean we're not seeing the downstream throughput we'd expect. We actually get the downstream throughput of less than a single DSL line, so about 12Mbps. Upstream bonded throughput is fine and in line with the sync speeds.
Both circuits are 'active' in the PPP multilink bundle and I see 3 sessions on our core LNS Cisco 7301 (c7301-boot-mz.124-2.T.bin) - i.e. 2x circuits + 1x bundle. We've checked the circuits individually and 'actual' throughput (using NetPerf software) is similar for both lines and in line with the sync speeds.
We are seeing quite high CPU (50%) on the Cisco 1841 (c1841-ipbasek9-mz.124-24.T1.bin) at the customer premesis, but having tested a Cisco 2951 on the customer premesis with two new HWIC-1ADSL-M cards, this is not the cause. The 2951 ran at 5% CPU whilst we experienced the same problem.
We've checked the setup of both Cisco CPE and LNS with our LLU provider and they are happy with the MLP config. They themselves have been able to bond two similarly sync'd Annex-M DSL lines and get 25Mbps throughput on a 1841.
I'm doing some throughput calculation test between a wireless client and a wired desktop computer, and I'm a bit confused about the result i've got. According to the client's card and the WLC, the client is connected to 802.11g, at a speed of 54Mbps. To perform my test, i'm using IPERF (available here [URL) The result is as follow:
As you can see, i'm far away the maximum theorical speed of 802.11g. Any software wich is able to test the throughput of a connection? The client wireless card is a Dlink DWA-652 and the wlc is running code 7.0.116, the AP is a cisco LAP1042N.
what is the throughput of NM-16ESW and performance (mpps). I have 3845 router.All I've found on the datasheet: "Delivers up to 200 Mbps of bandwidth (full duplex) Layer 2; forwards and filters at full wire speed on each port".
Does it mean "200 Mbps full-duplex aggregate bandwidth availabe for all 16 i/f"? --> so the top limit of this network module.What is the throughput of a 3845 NM slot? NM-16ESW will be EOS by Nov 15, 2011. I could only find replacement for hardware except for newer IGR2 router (SM modules).
Looking at the ASA spec sheets, the ASA 5510 has a firewall throughput of 300Mbps. Does this mean 300Mbps half duplex or full duplex?
We are looking to replace our current firewall. Peak traffic at the moment is 250Mbps upstream and 20Mbps downstream, max concurrent sessions is 24K. Will I need to look at a ASA 5520 for the replacement?