cisco 800 MPLS problem

Unanswered Question
Feb 25th, 2010

We have been experiencing speed issues to our MPLS from our office for some time, we had a similar problem last September which meant our MPLS from our office was unusable, at that time we switched off the Cisco 800 router and the MPLS was fine, switched it back on and it was ok.

At the end of last week the response on the MPLS was unusable again and we have been receiving complaints from the users. We checked out the MPLS and that was fine, rebooted the router but that did not improve the situation.

switch off the Cisco Router, we had some ping tests running which had been failing badly, as soon as we switched off the Cisco the pings were returned perfectly. We left the router off for 10 mins and then switched the router back on; the responses for now appear to be fine.

However, there is obviously a problem with the Cisco 800 router which is causing excessive next work trouble on the office network and seems to be flooding our WatchGuard and the Global Crossing router (MPLS/Internet) which is not acceptable. This appears to build up over a period of time.

Our MPLs bandwidth is 2MBPS and we have 15 users. can someone help me to resolve this issue urgently?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Giuseppe Larosa Mon, 03/01/2010 - 12:56

Hello Khalid,

sorry for late reply

however, without seeing the C800 configuration is not possible to say anything meaningful.

remove username/pwd change public ip addresses for safey and post it in the forum

there may be some resource that is filled up in the router over time (memory or ARP table or NAT and so on)

it might be a SW defect causing memory leakage it is not possible to say more without details.

Hope to help


khalid.meraj Tue, 03/02/2010 - 02:21

Building configuration...

Current configuration : 3285 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname office

logging message-counter syslog
enable secret 5 passssssssssssssss.
enable password passsssssssss
no aaa new-model
crypto pki trustpoint TP-self-signed-1604545461056998
enrollment selfsigned

  30820241 308201AA A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 31363031 30353639 3938301E 170D3032 30363037 30363130
  34315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 36303130
  35363939 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  81009CAB E29F6557 AE9D3714 25A43975 F4D5A718 51FF5834 2842169D E3972E13
  3D100DA7 1AC16145 11618EEB A44A13C1 93C5876D 51D7D0B9 C5011D51 FF7E0753
  C3184B50 2067746A 2F3B7096 4BECC21D C3EE5B08 ABB1F2C6 21589660 DD6594A0
  68068E32 9E29EE01 E39B003B C39C79C6 264C8AC9 3BC2DCDF A7BB4E45 168756F1
  D6A30203 010001A3 69306730 0F060355 1D130101 FF040530 030101FF 30140603
  551D1104 0D300B82 09616D65 72696361 7371301F 0603551D 23041830 168014EF
  52C7F15F 5E0AC99A 03462D93 13618FD0 32089830 1D060355 1D0E0416 0414EF52
  C7F15F5E 0AC99A03 462D9313 618FD032 0898300D 06092A86 4886F70D 01010405
  00038181 000860C5 2FA42FA1 036EDC68 0958A8F6 B9B018CD 4F4B7047 CD49DCF6
  5E632EA6 B9F3255C FDCE5D74 1CBBFD5C 15A89011 6BABCB7B F5D461CF 8EA78CB4
  7557D049 FA5AB324 408D38D6 1FD88AA7 96DC3049 BF190E61 B42A32BB 6E82B6DF
  7C01C32E 639E21CB B7C4D4BD 325FC174 A7847CDA 66330F7C AB0C68C3 6AD5B5F9
  109666B0 E6
ip cef
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
log config
ip telnet source-interface FastEthernet4
ip ssh source-interface Vlan1
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
ip address
speed 100

interface Vlan1
ip address
no ip forward-protocol nd
ip route
ip route
ip route
ip route
ip route
ip route
ip route
ip route
ip route
ip route
ip route
ip route
ip http server
ip http secure-server
dialer-list 1 protocol ip permit
snmp-server community public RO
line con 0
no modem enable
line aux 0
line vty 0 4
password help4it2628
scheduler max-task-time 5000

Giuseppe Larosa Tue, 03/02/2010 - 04:13

Hello Khalid,

your configuration looks like fine.

you are using static routes with IP next-hops and this is good because it minimizes ARP activity and ARP table size.

There is no NAT or other features that could load the device over time.

IP CEF is enabled

I would do the following:

post a sh ver | inc image to help in a bug search

monitor over time cpu and memory usage with:

sh proc cpu | inc util

sh proc mem | inc Free

takes this every half an hour (making a script could be handly or using SNMP MIB with a MIB browser)

if you see overtime Free memory reducing the device is probably affected by a SW defect causing memory leakage.

you can get cpu usage trend with

sh proc cpu history

details of what processes are using the most resources can be seen with

sh proc cpu sorted 1min

sh proc mem sorted (to be checked)

Also looking at log messages may be of help if you see any traceback message or spurious access to memory could be sign of a SW defect.

you can check log locally with

sh log

it may be wise to increase logging buffer size using

conf t

logging buffer 100000

I would suggest if possible to configure the router to send log messages to a syslog server

Hope to help


khalid.meraj Tue, 03/30/2010 - 03:58

I updated the router IOS to 15.0 last week but it didn't resolve the issue. Still have to restart the router when lots of packet start droping and then after the restart it start working fine and then after one or two days it drags it self to same possion and then we have to restart the router to fix the issue anyother solution for this ????????

Leo Laohoo Tue, 03/30/2010 - 15:29

Wait a minute ... if you have a 2Mbps MPLS link where's your traffic shaping statements?  Maybe it's "slow" because the provider keeps dropping excess and the site keeps on re-transmitting.

khalid.meraj Wed, 03/31/2010 - 06:53

IOS already updated and it didn't resolve the issue can you tell me how to check this MPLS bit you are talking about as I am

not cisco expert. But keep in mind it didn't work after a quick reboot have to switch it off for

5 to 10 minute to bring it to life any Idea and if I have to check the memory leak then

how I be able to do it?

Jarleif Vaagen Wed, 03/31/2010 - 11:25


Did you verify that your issue isn't founded in Gratuitous ARP? Where does the Firebox fit in in the network?

Are you running routed or drop-in mode on your watchguard appliance?



This Discussion