Slowness at sites...with WAAS

Unanswered Question
Sep 2nd, 2010
User Badges:

we have a duel connections at most of

our VPN and one MPLS

so we have started doing this we dont use IP fowarding we use WCCP Negotiated Return ...

interface Multilink123
bandwidth 3072
ip address x.x.x.x y.y.y.y
no peer neighbor-route
ppp chap hostname

ppp multilink links minimum 1
ppp multilink group 123
ppp multilink fragment disable
service-policy output WAN-EDGE

interface GigabitEthernet0/0.1
description Local LAN
encapsulation dot1Q 1 native
ip address x.x.x.x y.y.y.y
ip helper-address x.x.x.x

ip helper-address x.x.x.x
ip accounting output-packets
ip wccp 61 redirect in
ip wccp 62 redirect out

interface Serial0/1/0.500 point-to-point

desc INET Connection
ip address  x.x.x.x y.y.y.y
ip access-group From_Inet in
snmp trap link-status
frame-relay interface-dlci 500 IETF
crypto ipsec client ezvpn backup

and somtimes ill get sites saying it slower..

when i look at the router util....i get 5% to 17% on a 5 min average...

right now im really unsure else what to look for.. any advice

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Bhavin Yadav Thu, 09/02/2010 - 11:36
User Badges:
  • Cisco Employee,


So, what we understand from the details given is that you have multiple links out of this location.

Did you get a chance to verify the Asymmetric routing?

With asymmetric routing, transmit and receive packets follow different paths between a host and the peer with which it communicates.

More details about Asymmetric routing in general is here:

To find out if WAE is having any connections in Asymmetric table is to use the command:

show stat conn pass | in Asymmetric

And watch for any connection with PT Asymmetric. The connection will remain in PT Asymmetric state for very little time before it goes to PT Pass through.

Another CLI command is to check history of PT Asymmetric. Cli command: show stat pass | in Asymmetric.

If you see any of the two counters increasing, then possibly Asymmetric routing is the issue.

Missing WCCP redirection statements on any interface that is recieving any traffic that needs to be optimzied may cause Asymmtetric routing.

Few more things to verify:

You may want to verify following things in the WAAS network.

1. Duplex

2. Fragmentation due to VPN tunnel - try lowering MTU and MSS on router or WAAS, depending upon originator / recipient of packets.

3. Connection status: is it showing same TDL / TCDL during both operations.

4. How is the reverse copy operation? is that working as expected?

5. WCCP parameters, esp. if you are using GRE as it will add up to overhead on the packet size overall.

6. Any disk issues on any of the WAEs (Client / server side)

7. Is this issue limited to these two sites or it is overall across all the sites?

8. show alarms on both WAEs to check if there is any alarm.

9. type-tail syslog.txt 200 and verify the logs. do you see any eye-catching error message popping up repeatedly during this file transfer or otherwise?

Depending upon above details, we may have to open other aspects to this issue.

Hope this helps.


wrobbin Thu, 09/02/2010 - 14:30
User Badges:

When i runn that command i get nothing

WAE-2020-574#show stat conn pass | in Asymmetric

so i assume thats good...this is limited to one site....

Yes at this site is GRE - GRE

Bhavin Yadav Thu, 09/02/2010 - 14:37
User Badges:
  • Cisco Employee,

How about

show stat pass | in Asymmetric --> This shows the whole history of asymmetric routing.

show stat conn pass | in Asymmetric --> shows only current active asymmetric connections.

Did you get a chance to verify other options?


wrobbin Thu, 09/02/2010 - 14:41
User Badges:

WAE-2020-574#show stat pass | in Asymmetric
Asymmetric                                 0                        23

well i got something....

WAE-2020-574#show stat pass

PT Client:
     Bytes                         176415609
     Packets                          464440
PT Server:
     Bytes                          71037613
     Packets                          338884
PT In Progress:
     Bytes                         330128193
     Packets                         1962822

                      Active                    Completed
                      ----------------------    ----------------------
Overall                                    6                    259164
No Peer                                    0                    104005
Rjct Capabilities                          0                         0
Rjct Resources                             0                         0
App Config                                 0                     14120
Global Config                              0                         0
Asymmetric                                 0                        23
In Progress                                6                    141003
Intermediate                               0                         0
Internal Error                             0                        13
App Override                               0                         0
Server Black List                          0                         0
AD Version Mismatch                        0                         0
AD AO Incompatible                         0                         0
AD AOIM Progress                           0                         0
DM Version Mismatch                        0                         0


i see 23 but out that many overall ?

wrobbin Thu, 09/02/2010 - 14:43
User Badges:

i cleared the stats and will watch ..but mainly how this site is ..two routers  HSRP one router has the MPLS the other the VPN with a weighted static

Bhavin Yadav Thu, 09/02/2010 - 15:02
User Badges:
  • Cisco Employee,

Thanks for sending out the output of sh stat conn.

It seems like you have a lot of PT NO Peer conenctions.

Do you have any firewall / CBAC based routers that could strip off the audo-discovery option of WAAS? if yes, you may want to have it allow this option to pass thru without any modification.


1. Is this issue happening sometime / frequently / everytime?

2. Is this issue affecting only one site or multiple site?

3. You may want to make sure that all the VPN and MPLS routers have proper WCCP redirections applied.

4. When this issue shows up, ask the user to reproduce the issue while you can monitor their conenction using this command on server andclietn side wae:

sh stat conn | in

Thsi will tell you exactly if the connection is optimzied or not. if yes, what optimization is taking place and if not, why it is not optimizing.

Hope this helps,


wrobbin Thu, 09/02/2010 - 17:43
User Badges:


1. Is this issue happening sometime / frequently / everytime?

seem to happen more in the morning and when i look at the Central Mager i see a spike in traffic where usally we have around a 60-90% util its drops to like 10%

2. Is this issue affecting only one site or multiple site?

Whats odd is a maybe 4 sites out of 30..are having this issues

3. You may want to make sure that all the VPN and MPLS routers have proper WCCP redirections applied.

what we do is

interface FastEthernet0/0.10
description Wireless,

encapsulation dot1Q 10
ip address x.x.x.x y.y.y.y
ip access-group CSM_FW_ACL_FastEthernet0/0.10 in
ip helper-address
ip helper-address

ip accounting output-packets
ip wccp 61 redirect in
ip wccp 62 redirect out
standby 10 ip

standby 10 preempt
standby 10 track Multilink1

with WCCP negotiated-return

Bhavin Yadav Fri, 09/03/2010 - 10:42
User Badges:
  • Cisco Employee,


Did you get a chance to verify other things I mentioned in my previous posts?

Further, looking at your interface config, it looks fine to me.

Now, looking back to your issue, more more check you want to do is - check the status of the connection of the user whenever a user complaints.

You can use command - sh stat conn | in .

If it shows pass thru, it is not optimizing the connection and obviously is going to be slow.

Do you see any alarms on WAE when this issue is happening?

Please also verify the syslog.txt for any eye catching error message apeparing when the users are having issues. Issue like TFO overload, duplex, Asymmetric routing may cause this kind of problem.



This Discussion