connections on routers

Unanswered Question
Apr 15th, 2010

We are working on capacity planning for some of our sites. These employ Cisco 7606 routers. Is there a way to know the current number of connections being used? Are there any specifications which indicate what the maximum connection limit on these will be?

All help is appreciated. Thanks in Advance!

Giuseppe Larosa Thu, 04/15/2010 - 08:37

Hello Sunny,

A list of ports that are active and up/up can be obtained with

sh int sum | inc ^\*

example:

sh int sum | inc ^\*
* Vlan1                    0     0    0     0  5000    0     0    0    0
* Vlan8                    0     0    0     0  7000    1     0    0    0
* Vlan9                    0     0    0     0     0    0 422000  510    0
* Vlan11                   0     0    0     0     0    0 1210000  262    0
* Vlan13                   0     0    0     0  2000    1     0    0    0
* Vlan14                   0     0    0     0     0    0     0    0    0
* Vlan15                   0     0    0     0 12000    0     0    0    0
* Vlan20                   0     0    0     0     0    0 172000   12    0
* Vlan22                   0     0    0     0     0    0     0    0    0
* Vlan24                   0     0    0     0 30335000  6584 51125000  6339    0
* Vlan50                   0     0    0     0 766000  465 1301000  815    0
* Vlan51                   0     0    0     0 968000  587 506000  297    0
* Vlan99                   0     0    0     0     0    0     0    0    0
* Vlan333                  0     0    0     0 15000    2  3000    1    0
* Vlan617                  0  1785    0     0 31017000  3625 15374000  2157    0
* Vlan618                  0     0    0     0 25711000  3291 10461000  1840    0
* Vlan899                  0     0    0     0  6000    1     0    0    0
* Vlan900                  0     0    0     0 10000   16 184376000  38624    0
* GigabitEthernet1/2       0     0    0     0     0    0 1196000  266    0
* GigabitEthernet1/4       0     0    0     0 16883000  2599 4886000  1112    0
* GigabitEthernet1/6       0     0    0     0 168000  171 243000  160    0
* GigabitEthernet1/9       0     0    0     0 213366000  30962 32972000  6707    0
* GigabitEthernet1/10      0     0    0     0 30000   24 75940000  14454    0
* GigabitEthernet1/14      0     0    0     0     0    1 1827000  847    0
* GigabitEthernet1/15      0     0    0     0     0    1 1825000  847    0

[ truncated ]

Hope to help

Giuseppe

suthomas1 Thu, 04/15/2010 - 20:40

Thanks, this is also something I didn't know.

But my query was more on a point where we need to know how many connections are flowing through the device and the maximum that was reached.

Similar to what we have in firewalls, where we have a limit and then we can view the counts for these connections.

This is also to be used for another device with an integrated Cisco IOS based firewall.

Thanks for your help in advance!

ozzyosbu1 Fri, 04/16/2010 - 01:20

Hello

If you have enabled NetFlow, you can check with show ip cache flow to see the active flows on the NetFlow-enabled interfaces.

Giuseppe Larosa Fri, 04/16/2010 - 01:53

Hello Sunny,

For firewalls we can measure the performance in terms of max sessions and max session rate served (sessions/sec) that can be handled, because a firewall inspects each TCP session that attempts to go through and has to build a stateful entry for it (if stateful).

For a C7600 acting as a router the number of TCP sessions that are going through is not really important: traffic is switched at OSI L3 and the router does not suffer from the number of TCP sessions; what is more important is the traffic volume and the potential for oversubscription in each linecard.

The only aspect where the number of distinct flows counts is in the NetFlow accounting: there are limits in the NetFlow local table size, and the more flows are seen, the more accounting packets should be exported.

Depending on the supervisor in use you can face scenarios where the system is able to forward a given level of traffic with no problems but traffic variety (number of traffic flows) is so big that the system is not able to account for all flows and there are misses in the NetFlow accounting.

With this kind of device, a multilayer switch, this is a possible scenario.

So from a performance point of view the number of connections on a router is not a parameter used to characterize it: you can use packets per second and traffic rate.

You should use the datasheets for supervisor and linecards to understand if you are near any limit or beyond.

Hope to help

Giuseppe
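
The replies above suggest sizing a router by packets per second and traffic rate rather than by connection count. The following is an added example, not code posted by anyone in this thread: it parses the `sh int sum | inc ^\*` output quoted earlier, ranks interfaces by both rates and lists those with queue drops. The column order is assumed from the standard IOS legend for this command, since the header is not shown in the thread; the function names are illustrative.

```python
import re

# Column order from the IOS "show interfaces summary" legend (assumed here; the
# thread does not show the header): hold-queue depth/drops, rx/tx rates, throttles.
COLUMNS = ("ihq", "iqd", "ohq", "oqd", "rxbs", "rxps", "txbs", "txps", "trtl")
# "*" marks an interface that is up; nine integer counters follow its name.
LINE_RE = re.compile(r"^\*\s+(\S+)\s+((?:\d+\s+){8}\d+)$")

# Four lines copied from the output quoted in the thread, plus its truncation marker.
SAMPLE = """\
* Vlan14                   0     0    0     0     0    0     0    0    0
* Vlan617                  0  1785    0     0 31017000  3625 15374000  2157    0
* Vlan900                  0     0    0     0 10000   16 184376000  38624    0
* GigabitEthernet1/9       0     0    0     0 213366000  30962 32972000  6707    0
[ truncated ]
"""

def parse_summary(text):
    """Return one dict per up interface; lines that do not match are skipped."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            row = dict(zip(COLUMNS, map(int, m.group(2).split())))
            row["interface"] = m.group(1)
            rows.append(row)
    return rows

def rank(rows, unit):
    """Interface names by combined rx+tx rate; unit is 'bs' (bits/s) or 'ps' (packets/s)."""
    ordered = sorted(rows, key=lambda r: r["rx" + unit] + r["tx" + unit], reverse=True)
    return [r["interface"] for r in ordered]

def queue_drops(rows):
    """Map interface -> (input drops, output drops) where either counter is non-zero."""
    return {r["interface"]: (r["iqd"], r["oqd"]) for r in rows if r["iqd"] or r["oqd"]}

if __name__ == "__main__":
    rows = parse_summary(SAMPLE)
    print("by bits/s:   ", rank(rows, "bs"))
    print("by packets/s:", rank(rows, "ps"))
    print("queue drops: ", queue_drops(rows))
```

On these four lines the busiest interface differs between the two rankings, which is why both rates are worth tracking. Rates on Vlan interfaces and on the physical ports that carry them overlap, so do not sum across both kinds.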

suthomas1 Fri, 04/16/2010 - 08:27

Thanks for the good explanation. It helped me understand things better.

Now in case the router comes with an integrated zone based firewall, is there a way to check the same on this?

Thanks a lot!
