12-29-2008 03:28 PM
Hello everybody,
I have a problem, when i active wccp in the router that face to WAN. after 2 hours the link of router become slow in the applications outlook, applications over citrix, file sharing, etc these servers are in other site.
wait your help
01-02-2009 09:53 AM
WCCP Multiple Configurations causes high CPU
For further information please follow the bug CSCeh13292.
01-03-2009 11:28 AM
01-03-2009 01:34 PM
Hello ropethic,
thank you for your response the show version is the follow:
Border-Router#sh ver
Cisco IOS Software, 3800 Software (C3845-ENTSERVICESK9-M), Version 12.4(15)T7, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Thu 14-Aug-08 00:14 by prod_rel_team
ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
Border-Router uptime is 2 days, 23 hours, 25 minutes
System returned to ROM by power-on
System restarted at 07:58:28 GMT Fri Dec 26 2008
System image file is "flash:c3845-entservicesk9-mz.124-15.T7.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
Cisco 3845 (revision 1.0) with 217088K/45056K bytes of memory.
Processor board ID FTX1105A3XA
3 Gigabit Ethernet interfaces
66 Serial interfaces
1 terminal line
2 Channelized E1/PRI ports
1 cisco Integrated Service Engine(s)
Cisco WLAN Controller 5.1.151.0 in slot 4
DRAM configuration is 64 bits wide with parity enabled.
479K bytes of NVRAM.
62720K bytes of ATA System CompactFlash (Read/Write)
Configuration register is 0x2102
and the output is:
Border-Router#sh ip wccp
Global WCCP information:
Router information:
Router Identifier: 172.25.0.1
Protocol Version: 2.0
Service Identifier: 61
Number of Service Group Clients: 1
Number of Service Group Routers: 1
Total Packets s/w Redirected: 195742
Process: 195742
Fast: 0
CEF: 0
Service mode: Open
Service access-list: -none-
Total Packets Dropped Closed: 0
Redirect access-list: 130
Total Packets Denied Redirect: 1414569
Total Packets Unassigned: 0
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
Total Bypassed Packets Received: 0
Service Identifier: 62
Number of Service Group Clients: 1
Number of Service Group Routers: 1
Total Packets s/w Redirected: 322630
Process: 88491
Fast: 59707
CEF: 174432
Service mode: Open
Service access-list: -none-
Total Packets Dropped Closed: 0
Redirect access-list: 140
Total Packets Denied Redirect: 1613449
Total Packets Unassigned: 0
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
Total Bypassed Packets Received: 0
01-03-2009 01:56 PM
Hello ropethic,
other output:
Border-Router#sh access-lists 130
Extended IP access list 130
10 permit ip 172.29.0.0 0.0.255.255 172.22.0.0 0.0.255.255 (195742 matches)
20 permit tcp any any eq 1720
Router-Border#sh access-lists 140
Extended IP access list 140
10 permit tcp any eq 1720 any (10 matches)
20 permit ip 172.22.0.0 0.0.255.255 172.29.0.0 0.0.255.255 (528770 matches)
30 permit tcp any any eq 1720 (357 matches)
Part of the configuration is:
Border-Router#sh run
Building configuration...
!
version 12.4
!
hostname Border-Router
!
ip wccp 61 redirect-list 130
ip wccp 62 redirect-list 140
ip cef
!
!
interface Loopback0
ip address 172.25.0.1 255.255.252.0
no ip route-cache cef
no ip route-cache
!
interface GigabitEthernet0/0
description Lan
bandwidth 100000
no ip address
ip accounting access-violations
no ip route-cache cef
ip route-cache flow
no ip mroute-cache
duplex full
speed auto
media-type sfp
negotiation auto
!
interface GigabitEthernet0/0.10
description LAN
encapsulation dot1Q 1 native
ip address 172.23.207.10 255.255.255.252 secondary
ip address 192.168.31.250 255.255.255.0 secondary
ip address 172.29.202.250 255.255.0.0
ip helper-address 172.21.200.11
ip flow ingress
ip flow egress
ip policy route-map DATOS
ip wccp 61 redirect in
ip wccp 62 redirect out
!
interface GigabitEthernet0/0.300
encapsulation dot1Q 300
ip address 192.168.20.1 255.255.255.0
ip wccp redirect exclude in
!
interface Serial1/0
description WAN
bandwidth 2048
ip address 10.144.193.142 255.255.255.252
ip accounting output-packets
ip accounting precedence output
ip load-sharing per-packet
ip nbar protocol-discovery
encapsulation ppp
ip route-cache flow
no ip mroute-cache
load-interval 30
serial restart-delay 0
!
interface Serial1/2
description WAN
bandwidth 2048
ip address 10.144.193.130 255.255.255.252
ip accounting output-packets
ip accounting precedence output
ip load-sharing per-packet
ip nbar protocol-discovery
encapsulation ppp
ip route-cache flow
no ip mroute-cache
load-interval 30
serial restart-delay 0
!
interface Serial1/3
description WAN
bandwidth 2048
ip address 10.144.193.138 255.255.255.252
ip accounting output-packets
ip accounting precedence output
ip load-sharing per-packet
ip nbar protocol-discovery
encapsulation ppp
no ip route-cache cef
ip route-cache flow
no ip mroute-cache
load-interval 30
serial restart-delay 0
!
interface Integrated-Service-Engine4/0
ip address 15.0.0.1 255.255.255.0
no keepalive
!
interface Integrated-Service-Engine4/0.17
encapsulation dot1Q 17
ip address 16.0.0.1 255.255.255.0
ip policy route-map WInvitados
!
interface Integrated-Service-Engine4/0.121
encapsulation dot1Q 121
ip address 172.25.52.1 255.255.252.0
!
access-list 130 permit ip 172.29.0.0 0.0.255.255 172.22.0.0 0.0.255.255
access-list 130 permit tcp any any eq 1720
access-list 140 permit tcp any eq 1720 any
access-list 140 permit ip 172.22.0.0 0.0.255.255 172.29.0.0 0.0.255.255
access-list 140 permit tcp any any eq 1720
!
01-05-2009 06:52 AM
Hello,
In looking at your wccp service output and the interface configs, I see a significant amount of Process and Fast switched wccp traffic. You want this all in CEF if possible to keep your CPU from jumping.
Try removing the "no ip route-cache cef" from your physical interface (Gig 0/0) and see if that puts the traffic back in CEF for WCCP and improves your traffic speed. I believe that applies the the sub-interfaces as well with will affect your WCCP traffic.
I hope that helps, let the forum know if it does.
Thanks,
Dan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide