Banwidth issues

Unanswered Question
Jun 14th, 2007

I received an e-mail from a concerned client in regards to speed of the network. This is something that the my client has lived with for some time, but since they hired a few new users, it has caused a somewhat notable degradation.

There is a T1 connection between the Hub and remote site.

Here is what I could drum up from some speed tests?


Download: 481,064 bps

Upload: 352,736 bps

QOS: 99%

RTT: 117 ms

MaxPause: 141 ms


Download: 476,208 bps

Upload: 251,536 bps

QOS: 96%

RTT: 156 ms

MaxPause: 163 ms

The quality of service is excellent, but the speed caps at 481 kbps.

The Hub site is a VPN tunnel to main site. Is there any investigation / recommendations we can provide?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
spremkumar Thu, 06/14/2007 - 03:57


You need to throw more light one what kinda upload/download you are trying out over there and also the kinda bandwidth guarantee being given to the application you are trying to test...

It will be hepful if you can post out the config of both hub and remote location ..


shirwaziri1_2 Thu, 06/14/2007 - 04:08

Here is the config of the main site. I will submit the hub site when i get access to it. Also at this time, all I know is that they are experiencing network degration performance. I will try to shed more light.

THank you for your input and your patience.

By the way this is a 1604 cisco router...Here is the Show ver and the show run

Main# show ver

Cisco Internetwork Operating System Software

IOS (tm) 1600 Software (C1600-Y-L), Version 11.2(15a)P, P RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1998 by cisco Systems, Inc.

Compiled Tue 25-Aug-98 01:12 by kpma

Image text-base: 0x0801CF38, data-base: 0x02005000

ROM: System Bootstrap, Version 11.1(10)AA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

ROM: 1600 Software (C1600-BOOT-R), Version 11.1(10)AA, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

Main_1604 uptime is 19 weeks, 3 days, 21 hours, 18 minutes

System restarted by power-on at 00:13:02 UTC Mon Jan 29 2007

System image file is "flash:c1600-y-l_112-15a_P.bin", booted via flash

cisco 1604 (68360) processor (revision C) with 1536K/512K bytes of memory.

Processor board ID 08350319, with hardware revision 00972006

Bridging software.

X.25 software, Version 2.0, NET2, BFE and GOSIP compliant.

Basic Rate ISDN software, Version 1.0.

1 Ethernet/IEEE 802.3 interface(s)

1 serial(sync/async) network interface(s)

1 ISDN Basic Rate interface(s)

U interface with external S bus interface for ISDN Basic Rate interface.

System/IO memory with parity disabled

2048K bytes of DRAM onboard

System running from FLASH

8K bytes of non-volatile configuration memory.

4096K bytes of processor board PCMCIA flash (Read ONLY)

Configuration register is 0x2102



Main#show run

Building configuration...

Current configuration:


! Last configuration change at 04:13:59 EDT Tue May 8 2007


version 11.2

service timestamps debug uptime

service timestamps log uptime

service password-encryption

no service udp-small-servers

no service tcp-small-servers


hostname Main_1604


enable secret 5 $1$3Jfg$8pc6g5yxoBQqIDwng2yQq/

enable password 7 06545A78197E39115547162E22


clock summer-time EDT recurring 2 Sun Mar 2:00 1 Sun Nov 2:00


interface Ethernet0

ip address


interface Ethernet0.1

arp timeout 0


interface Serial0

description ser to syracuse

ip address


interface BRI0

no ip address



no ip classless

ip route

ip route

ip route permanent

ip route

ip route permanent

ip route permanent

ip route permanent

ip route

ip route

ip route

ip route

ip route

ip route

snmp-server community 5yner9y RO

line con 0

password 7 1410431B5D54387C


line vty 0 4

password 7 1445475259341A23747837




pciaccio Thu, 06/14/2007 - 04:19

From your configuration I do not see any QOS configured on the rouer. SO your T-1 is using FIFO for its queuing. Also you need to show us a SHOW INTERFACE SERIAL0 command to allow us to see the specs on the T-1....

shirwaziri1_2 Thu, 06/14/2007 - 04:24

Can the 1604 router be configured with QOS??

Main#show interface se0

Serial0 is up, line protocol is up

Hardware is QUICC Serial

Description: ser to syracuse

Internet address is

MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 6/255

Encapsulation HDLC, loopback not set, keepalive set (10 sec)

Last input 00:00:03, output 00:00:00, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0 (size/max/drops); Total output drops: 4939

Queueing strategy: weighted fair

Output queue: 0/1000/64/4939 (size/max total/threshold/drops)

Conversations 0/59/256 (active/max active/max total)

Reserved Conversations 0/0 (allocated/max allocated)

5 minute input rate 3000 bits/sec, 8 packets/sec

5 minute output rate 39000 bits/sec, 10 packets/sec

74694063 packets input, 1460401777 bytes, 0 no buffer

Received 1377713 broadcasts, 0 runts, 3 giants, 0 throttles

31239 input errors, 2757 CRC, 25904 frame, 0 overrun, 0 ignored, 2578 abort

86363034 packets output, 414064382 bytes, 0 underruns

0 output errors, 0 collisions, 125 interface resets

0 output buffer failures, 0 output buffers swapped out

0 carrier transitions

DCD=up DSR=up DTR=up RTS=up CTS=up


spremkumar Thu, 06/14/2007 - 04:30


Can you pls confirm how you are connecting your main site and the remote sites ?

I see only a single serial interface configured /24 block..

Can you also post more info on how the remote sites are getting connected to the central site..

What kinda QOS you are expecting to be supported by the Cisco 1604 router ? Do you have some functionality in mind ?


pciaccio Thu, 06/14/2007 - 04:47

I am a little confused.. The configuration for the 1604 router shows no QOS configured on it, however your Show Interface command has Weighted Fair queuing configured on it. I see that you are also dropping alot of packets on your output. This means that you are over running your output buffers. You should look into setting up a priority queuing method for QOS. Also you state that the remote site is using a VPN and I again do not see any ecryption configurations on the router. Are they using some other device for the VPN tunnel (Say PIX or VPN concentrator)?? For performance issues involving a tunnel you may need to look at the type of applications that are going across the tunnel. If a TCP application then you may need to lower the MSS (Segment size) tranversing the tunnel. Keep in mind that encryption tunnels add overhead onto the frame and some intermediate routers and firewalls block the DF bit. So if your packet needs to be fragmented then the control mechanism (DF bit) for that will not pass the network and will be dropped by either a firewall. By lowering the MSS for your segments will lower the frame size and fragmentation will not be needed.... All these need to be considered.....Good Luck.....


This Discussion