Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Relation between bit/sec & packets/sec

Hi Everyone,

I am using a VPN setup between two sites.

And would like to understand the relation between 'bits/sec' and 'packets/sec'.

Basically i have two sites running an IPSEC between them, (crypto map is configured on the WAN interfaces. So as an example the moment i push traffic from the LAN it gets encrypted and goes through to the other side through the point to point WAN as encrypted.

When i use the: 'show interface fa0/1 (LAN interface) & the fa 0/0 (WAN interface)' i noticed that the 'packets/sec' is double on the WAN than on the LAN. What i understand is that is could be from the encryption happening due to the IPSEC. But when i check the 'bits/sec' on both fa0/1(LAN) & fa0/0 (WAN) the ratio in not double. it is about 11.3%..I tried this for different B.W's being pushed from the LAN using a traffic generator, and i still get the same ratio for both 'bits/sec;11.3% overhead' & 'packets/sec;50% overhead'.

Hall of Fame Super Silver

Re: Relation between bit/sec & packets/sec


I believe that the behavior perhaps reflects the impact of IPSec with extra header information causing fragmentation of packets. When processing IPSec it adds extra header information for each packet. I suspect that the 11.3% probably reflects the extra header information. If the original packets were near maximum size and you add extra header information then it is likely that the packets will be fragmented for transmission. The doubling of the number of packets may well be that each packet is fragmented because of the extra header included causing every packet from the inside interface resulting in two packets on the outside interface.



CreatePlease login to create content