Seeing similar here on 3850 stack. Running 03.03.01SE IOS-XE. Core 0: CPU utilization for five seconds: 45%; one minute: 40%; five minutes: 39% Core 1: CPU utilization for five seconds: 57%; one minute: 46%; five minutes: 45% Core 2: CPU utilization for five seconds: 58%; one minute: 57%; five minutes: 54% Core 3: CPU utilization for five seconds: 39%; one minute: 56%; five minutes: 56% PID     T C  TID     Runtime(ms) Invoked   uSecs  5Sec   1Min 5Min TTY   Process                                                   (%)    (%)  (%) 5679    L            2207615     162418091 66     23.7   23.1 22.7 1088  fed 5679    L 2  5679    29940       7879      0      0.00   0.00 0.00 1088  fed 5679    L 0  6112    321780      319764    0      0.00   0.03 0.04 1088  fed 5679    L 2  6113    520         24080     0      0.00   0.00 0.00 1088  fed 5679    L 2  6114    8770        5395188   0      0.00   0.03 0.04 0     CMI default xdm 5679    L 1  6115    320         16534     0      0.00   0.00 0.00 0     fed 5679    L 2  6118    1130370     5020432   0      0.62   0.74 0.74 0     fed-ots-main 5679    L 1  6119    20          1303      0      0.00   0.00 0.00 0     fed-ots-mo 5679    L 2  6121    3855140     224587    0      0.52   0.49 0.48 0     fed-ots-nfl 5679    L 1  6122    23500       1399239   0      0.00   0.04 0.01 0     fed 5679    L 2  6123    11430       231772    0      0.00   0.01 0.03 0     pdslib thread 5679    L 1  6124    189270      9882134   0      0.05   0.04 0.04 0     Timer 5679    L 1  6125    0           2808      0      0.00   0.00 0.00 0     fed 5679    L 1  6144    793970      8150598   0      0.29   0.21 0.20 0     IntrDrv 5679    L 1  6147    33730       2295636   0      0.00   0.01 0.00 0     LED 5679    L 0  10452   40          9474      0      0.00   0.00 0.00 0     Xcvr 5679    L 1  10456   1922330     107887089 0      0.33   0.22 0.20 0     Xcvr 5679    L 3  12275   110         10697     0      0.00   0.00 0.00 0     PdsEvent 5679    L 2  12276   980070      7963687   0      0.71   0.49 0.48 0     PunjectRx 5679    L 0  12277   1263190     4878455   0      21.1   20.8 20.5 0     PunjectTx 5679    L 0  12278   0           7567      0      0.00   0.00 0.00 0     Consistency 5679    L 0  12279   0           7567      0      0.00   0.00 0.00 0     ShFwd 5679    L 1  12283   0           7580      0      0.00   0.00 0.00 0     eicore_bdn 5679    L 1  12284   0           7580      0      0.00   0.00 0.00 0     eicore_bdn 5679    L 1  12285   0           7579      0      0.00   0.00 0.00 0     eicore_bdn 5679    L 3  12289   10          7608      0      0.00   0.00 0.00 0     eicore_ipc 5679    L 0  12298   0           7788      0      0.00   0.00 0.00 0     fed 5679    L 2  12610   0           7875      0      0.00   0.00 0.00 0     fed 5679    L 2  12801   233040      8635591   0      0.05   0.02 0.03 0     XcvrPoll ... View more

Have you set the options for the NAT rules for your remote subnets? I've had this behaviour and on my NAT for my remote IPsec VPN subnets I disable Proxy ARP on egress interface. I dedicate the inside interface for management on the ASA 5505s. This then resolves the ICMP and SNMP polling issue from Solarwinds to the remote ASA 5505s when using the inside interface on the remote ASAs. ... View more

It should support a connection that size with no problem at all. Glad to have helped. Let us know if the speed issue persists after getting the speed and duplex settings resolved. Be sure to mark this thread answered if it is ... View more

Call the team who manage the router your device connects to, ask them what they have set the speed and duplex to, from what you are describing I expect they have forced the settings. Once you have the speed and duplex settings confirmed by them jump onto your fa0/0 interface and configure the same speed and duplex settings. int fa0/0 speed 10 duplex full then clear the counters and review them again, hopefully they should have stopped and you'll get the speed you are expecting. A fastethernet port will support anything from 1 - 100Mb, but when the speed and duplex settings are set differently on each connected device you will get all sorts of connection speed issues. ISPs usually force their settings but by default the Cisco router will be using Speed Auto, Duplex Auto which are not displayed in a show run as they are command defaults. When you fix the speed and duplex settings they will appear in the show run. Hopefully this will resolve your issue. ... View more

Check that the speed and duplex settings match between the 2 devices. If it is forced on onside it could create that issue. Here is what I would do, clear interface counters on your router, view the interface statistics and look for any errors. If you need further help post back those results here. clear count fastethernet0/0 show interface fastethernet0/0 or show interface counters errors keep reviewing the show interface results to see if any error conditions go up. ... View more

Its certainly looking like its an ISP supplied router. Over here in the UK BT supply their broadband customers with the HomeHub and from discussions with them only certain features are available on the router to certain customers, consumer vs busiiness. They have refused to flash the firmware to give our users access to turn off UDP flooding and strict UDP control on the routers so its blocking the traffic at the users connection. Fortunately it wasn't anything in the cloud and we've replaced the BT Home Hub with an off the shelf purchased home router and all is well again. ... View more

If you are wanting to inspect all packets then inline is definitely the way to go forward, but be warned if your inline device fails all outbound connectivity is going to be lost with it. That is my major caution with inline, although some hardware will support open pass through failure. If you simply want to redirect specific ports/traffic and proxy them through an appliance then WCCP is what you want to do. You are correct in thinking WCCP host will only use on NIC for connectivity, but with multiple WCCP hosts in the service group that gives you the resililiency. Using the service group to target that traffic with an ACL you can be very specific on the edge device on what you want to redirect, reducing load. What are the problems you are experiencing with WCCP? I have seen deployments where all traffic is getting WCCP redirected and then routed back to the edge device and this would create a significant overhead on both the edge device and the WCCP device as the traffic will be getting inspected twice. In my opinion the efficiency is in the detail when you setup WCCP. Hope that helps. ... View more

I find WCCP is much easier to implement for High Availability and Redundancy. It also allows you to do maintenance works easier than an inline solution. You can simply add another device to the WCCP service group. When you operate inline, the inline device also has to work harder to inspect all traffic before passing it to the edge, whereas with WCCP you specify what traffic gets redirected for proxying. With my experience of setting up WCCP this adds little overhead to the edge device. I have had to convert quite a few systems from inline deployments to WCCP due to issues inline creating interface failures and generating some really weird scenarios where devices would flap between each other. I've never had this experience once I've converted to WCCP deployment. I will admit I've never been involved in the original inline deployments and they could have been bad installs but when I've converted to WCCP the benefits were easily seen. The only major hurdle with WCCP is troubleshooting traffic paths to make sure WCCP is redirecting traffic as you expect it to. ... View more

What type of tunnel? Split or tunnel everything? And we will need to know authentication configuration, shared key or user logon required? ... View more