Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
949
Views
0
Helpful
2
Replies

load sharing between Wan Routers and Core Switch

Mohamed.Samhoud1
Level 1
Level 1

‎03-22-2012 04:24 PM

hi Folks,

please i need help as i have strange behaviour,

i have two wan routers connected to two core switches with cross connection and RTG is OSPF and also i have  firewall connected to core switches.

the problem is when users connected to servers via VPN that terminated on the firwall they not facing any slowness issue but if they connected to servers via the wan routers they facing slowness and also kindly find the configuration below,

1- VPN users >>> FW >>> Core switch >>> Service Sw >>>> Serverfarm

2- Users via Lan>>> Wan routers >>> Core switch >>> Service Sw >>>> Serverfarm

the connectivity between wan routers and coreswitch is

WAN RO01  G3/1 >>>Core SW01  Gi2/35

WAN RO01 G3/2 >>>Core SW02 Gi2/36

WAN RO02 G3/1 >>>Core SW02 Gi2/35

WAN RO02 G3/2 >>>Core SW01 Gi2/36

and herbelow the configuration of the four interfaces.

please any body help me in that as it is very urgent.

LADCEDRO01#sh run int Gi3/1

Building configuration...

Current configuration : 246 bytes

!

interface GigabitEthernet3/1

description connection to Coreswitch 1

ip address x.x.x.x  255.255.255.252

ip nat inside

ip ospf network point-to-point

ip ospf hello-interval 1

ip ospf dead-interval 3

ip ospf retransmit-interval 1

end

LADCEDRO01#sh run int Gi3/2

Building configuration...

Current configuration : 264 bytes

!

interface GigabitEthernet3/2

description connection to Coreswitch 2

ip address x.x.x.x  255.255.255.252

ip nat inside

ip flow ingress

ip ospf network point-to-point

ip ospf hello-interval 1

ip ospf dead-interval 3

ip ospf retransmit-interval 1

end

LGDCCS01#sh run int Gi2/35

Building configuration...

Current configuration : 591 bytes

!

interface GigabitEthernet2/35

description connection to WAN router 1

ip address x.x.x.x 255.255.255.252

ip nat outside

ip wccp 62 redirect in

ip flow ingress

ip flow egress

no ip mroute-cache

ip ospf network point-to-point

ip ospf hello-interval 1

ip ospf dead-interval 3

ip ospf retransmit-interval 1

wrr-queue cos-map 2 1 1 2

wrr-queue cos-map 3 5 3 4

wrr-queue cos-map 3 7 6 7

rcv-queue cos-map 1 2 1

rcv-queue cos-map 1 3 2

rcv-queue cos-map 1 4 3

rcv-queue cos-map 1 5 4

rcv-queue cos-map 1 6 5

rcv-queue cos-map 1 7 6

rcv-queue cos-map 1 8 7

LGDCCS02#sh run int Gi2/36

Building configuration...

Current configuration : 538 bytes

!

interface GigabitEthernet2/36

description connection to WAN router 1

ip address x.x.x.x 255.255.255.252

ip nat outside

ip wccp 62 redirect in

ip ospf network point-to-point

ip ospf hello-interval 1

ip ospf dead-interval 3

ip ospf retransmit-interval 1

wrr-queue cos-map 2 1 1 2

wrr-queue cos-map 3 5 3 4

wrr-queue cos-map 3 7 6 7

rcv-queue cos-map 1 2 1

rcv-queue cos-map 1 3 2

rcv-queue cos-map 1 4 3

rcv-queue cos-map 1 5 4

rcv-queue cos-map 1 6 5

rcv-queue cos-map 1 7 6

rcv-queue cos-map 1 8 7

end

LADCEDRO02#sh run int GigabitEthernet3/1

Building configuration...

Current configuration : 231 bytes

!

interface GigabitEthernet3/1

description connection to Coreswitch 1

ip address x.x.x.x 255.255.255.252

ip ospf network point-to-point

ip ospf hello-interval 1

ip ospf dead-interval 3

ip ospf retransmit-interval 1

end

LADCEDRO02#sh run int GigabitEthernet3/2

Building configuration...

Current configuration : 264 bytes

!

interface GigabitEthernet3/2

description connection to Coreswitch 2

ip address x.x.x.x 255.255.255.252

ip flow ingress

ip flow egress

ip ospf network point-to-point

ip ospf hello-interval 1

ip ospf dead-interval 3

ip ospf retransmit-interval 1

end

LGDCCS02#sh run int Gi2/35

Building configuration...

Current configuration : 538 bytes

!

interface GigabitEthernet2/35

description connection to WAN router 2

ip address x.x.x.x 255.255.255.252

ip nat outside

ip wccp 62 redirect in

ip ospf network point-to-point

ip ospf hello-interval 1

ip ospf dead-interval 3

ip ospf retransmit-interval 1

wrr-queue cos-map 2 1 1 2

wrr-queue cos-map 3 5 3 4

wrr-queue cos-map 3 7 6 7

rcv-queue cos-map 1 2 1

rcv-queue cos-map 1 3 2

rcv-queue cos-map 1 4 3

rcv-queue cos-map 1 5 4

rcv-queue cos-map 1 6 5

rcv-queue cos-map 1 7 6

rcv-queue cos-map 1 8 7

end

LGDCCS01#sh run int Gi2/36

Building configuration...

Current configuration : 591 bytes

!

interface GigabitEthernet2/36

description connection to WAN router 2

ip address x.x.x.x 255.255.255.252

ip nat outside

ip wccp 62 redirect in

ip flow ingress

ip flow egress

no ip mroute-cache

ip ospf network point-to-point

ip ospf hello-interval 1

ip ospf dead-interval 3

ip ospf retransmit-interval 1

wrr-queue cos-map 2 1 1 2

wrr-queue cos-map 3 5 3 4

wrr-queue cos-map 3 7 6 7

rcv-queue cos-map 1 2 1

rcv-queue cos-map 1 3 2

rcv-queue cos-map 1 4 3

rcv-queue cos-map 1 5 4

rcv-queue cos-map 1 6 5

rcv-queue cos-map 1 7 6

rcv-queue cos-map 1 8 7

Labels:
0 Helpful
2 Replies 2

Alejandro Aceituno canal
Level 1
Level 1

‎03-22-2012 08:10 PM

   Hi Mohammed.

   Why do you have the ip nat commands on routers and switches interfaces?, you have ip nat outside at the switches, and ip nat inside in the routers. So you will have configured something like this :

   sw lan intf   ip nat inside     ---   sw wan intf ip nat outside   --- router wan intf ip nat inside  --- router lan intf ip nat outside

  Are you using some kind of double layer nat?. If you area already doing nat in your switches, you dont need this in your wan routers. Or viceversa, you could delete you switches nat configuration and apply this in your routers.

    Your nat, wccp or qos configuration in the switch could be the cause of this slowness issue. I suppose you qos configuration is consistently applied in all interfaces.

     First check your nat configuration, because if not needed could be the most likely cause. The switch and router have to perform a lookup on every packet in the inside and outside interfaces, looking for a matching translation or nat rule that match on those packets. This will increase processing time, cpu usage, etc. Check your cpu on both routers and switches.

  Br

  Alex.

0 Helpful

Mohamed.Samhoud1
Level 1
Level 1
In response to Alejandro Aceituno canal

‎03-23-2012 01:19 AM

kindly note when i pinged from the wan router to server farm it was 100% how come and slowness on responding in that case, also how can i check the double layer nat

sorry i'm out of office now and will reach after 30 min and check ur recomendation,

appreciating your reply.

0 Helpful
Customers Also Viewed These Support Documents