09-02-2010 09:40 AM
we have a duel connections at most of
our sites.....one VPN and one MPLS
so we have started doing this we dont use IP fowarding we use WCCP Negotiated Return ...
interface Multilink123
bandwidth 3072
ip address x.x.x.x y.y.y.y
no peer neighbor-route
ppp chap hostname
ppp multilink links minimum 1
ppp multilink group 123
ppp multilink fragment disable
service-policy output WAN-EDGE
interface GigabitEthernet0/0.1
description Local LAN
encapsulation dot1Q 1 native
ip address x.x.x.x y.y.y.y
ip helper-address x.x.x.x
ip helper-address x.x.x.x
ip accounting output-packets
ip wccp 61 redirect in
ip wccp 62 redirect out
interface Serial0/1/0.500 point-to-point
desc INET Connection
ip address x.x.x.x y.y.y.y
ip access-group From_Inet in
snmp trap link-status
frame-relay interface-dlci 500 IETF
crypto ipsec client ezvpn backup
and somtimes ill get sites saying it slower..
when i look at the router util....i get 5% to 17% on a 5 min average...
right now im really unsure else what to look for.. any advice
09-02-2010 11:36 AM
Hi,
So, what we understand from the details given is that you have multiple links out of this location.
Did you get a chance to verify the Asymmetric routing?
With asymmetric routing, transmit and receive packets follow different paths between a host and the peer with which it communicates.
More details about Asymmetric routing in general is here: http://www.cisco.com/web/services/news/ts_newsletter/tech/chalktalk/archives/200903.html
To find out if WAE is having any connections in Asymmetric table is to use the command:
show stat conn pass | in Asymmetric
And watch for any connection with PT Asymmetric. The connection will remain in PT Asymmetric state for very little time before it goes to PT Pass through.
Another CLI command is to check history of PT Asymmetric. Cli command: show stat pass | in Asymmetric.
If you see any of the two counters increasing, then possibly Asymmetric routing is the issue.
Missing WCCP redirection statements on any interface that is recieving any traffic that needs to be optimzied may cause Asymmtetric routing.
Few more things to verify:
You may want to verify following things in the WAAS network.
1. Duplex
2. Fragmentation due to VPN tunnel - try lowering MTU and MSS on router or WAAS, depending upon originator / recipient of packets.
3. Connection status: is it showing same TDL / TCDL during both operations.
4. How is the reverse copy operation? is that working as expected?
5. WCCP parameters, esp. if you are using GRE as it will add up to overhead on the packet size overall.
6. Any disk issues on any of the WAEs (Client / server side)
7. Is this issue limited to these two sites or it is overall across all the sites?
8. show alarms on both WAEs to check if there is any alarm.
9. type-tail syslog.txt 200 and verify the logs. do you see any eye-catching error message popping up repeatedly during this file transfer or otherwise?
Depending upon above details, we may have to open other aspects to this issue.
Hope this helps.
Regards.
09-02-2010 02:30 PM
When i runn that command i get nothing
WAE-2020-574#show stat conn pass | in Asymmetric
WAE-2020-574#
so i assume thats good...this is limited to one site....
Yes at this site is GRE - GRE
09-02-2010 02:37 PM
How about
show stat pass | in Asymmetric --> This shows the whole history of asymmetric routing.
show stat conn pass | in Asymmetric --> shows only current active asymmetric connections.
Did you get a chance to verify other options?
Regards.
09-02-2010 02:41 PM
WAE-2020-574#show stat pass | in Asymmetric
Asymmetric 0 23
WAE-2020-574#
well i got something....
WAE-2020-574#show stat pass
Outbound
----------------------
PT Client:
Bytes 176415609
Packets 464440
PT Server:
Bytes 71037613
Packets 338884
PT In Progress:
Bytes 330128193
Packets 1962822
Active Completed
---------------------- ----------------------
Overall 6 259164
No Peer 0 104005
Rjct Capabilities 0 0
Rjct Resources 0 0
App Config 0 14120
Global Config 0 0
Asymmetric 0 23
In Progress 6 141003
Intermediate 0 0
Internal Error 0 13
App Override 0 0
Server Black List 0 0
AD Version Mismatch 0 0
AD AO Incompatible 0 0
AD AOIM Progress 0 0
DM Version Mismatch 0 0
WAE-2020-574#
WAE-2020-574#
WAE-2020-574#
i see 23 but out that many overall ?
09-02-2010 02:43 PM
i cleared the stats and will watch ..but mainly how this site is ..two routers HSRP one router has the MPLS the other the VPN with a weighted static
09-02-2010 03:02 PM
Thanks for sending out the output of sh stat conn.
It seems like you have a lot of PT NO Peer conenctions.
Do you have any firewall / CBAC based routers that could strip off the audo-discovery option of WAAS? if yes, you may want to have it allow this option to pass thru without any modification.
Further,
1. Is this issue happening sometime / frequently / everytime?
2. Is this issue affecting only one site or multiple site?
3. You may want to make sure that all the VPN and MPLS routers have proper WCCP redirections applied.
4. When this issue shows up, ask the user to reproduce the issue while you can monitor their conenction using this command on server andclietn side wae:
sh stat conn | in
Thsi will tell you exactly if the connection is optimzied or not. if yes, what optimization is taking place and if not, why it is not optimizing.
Hope this helps,
Regards.
09-02-2010 05:43 PM
Further,
1. Is this issue happening sometime / frequently / everytime?
seem to happen more in the morning and when i look at the Central Mager i see a spike in traffic where usally we have around a 60-90% util its drops to like 10%
2. Is this issue affecting only one site or multiple site?
Whats odd is a maybe 4 sites out of 30..are having this issues
3. You may want to make sure that all the VPN and MPLS routers have proper WCCP redirections applied.
what we do is
!
interface FastEthernet0/0.10
description Wireless,
encapsulation dot1Q 10
ip address x.x.x.x y.y.y.y
ip access-group CSM_FW_ACL_FastEthernet0/0.10 in
ip helper-address
ip helper-address
ip accounting output-packets
ip wccp 61 redirect in
ip wccp 62 redirect out
standby 10 ip
standby 10 preempt
standby 10 track Multilink1
with WCCP negotiated-return
09-03-2010 10:42 AM
Hi,
Did you get a chance to verify other things I mentioned in my previous posts?
Further, looking at your interface config, it looks fine to me.
Now, looking back to your issue, more more check you want to do is - check the status of the connection of the user whenever a user complaints.
You can use command - sh stat conn | in
If it shows pass thru, it is not optimizing the connection and obviously is going to be slow.
Do you see any alarms on WAE when this issue is happening?
Please also verify the syslog.txt for any eye catching error message apeparing when the users are having issues. Issue like TFO overload, duplex, Asymmetric routing may cause this kind of problem.
Regards.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: