cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1224
Views
0
Helpful
4
Replies

1721: IOS Bug?

Scott Pichelman
Level 1
Level 1

Hi-

Just a newbie - hope I am posting in the correct forum/discussion area - if not, please tell me or direct me.

We have a 1721 here in our server room.

Our IOS version:

12.3.11(T10) --> c1700-k9o3sy7-mz.123-11.T10.bin

We have been experiencing issues w/ our User's application connections.

The IPSEC - VPN tunnels on our 7121 have not changed on either side.

The issue is that we are seeing dropped packets or slow performance across our VPN.

Our vendor claims it is a Cisco IOS bug w/ our 1721 router and to upgrade the IOS.

Her are the links:

https://supportforums.cisco.com/docs/DOC-1858

http://www.cisco.com/en/US/customer/products/sw/iosswrel/ps1828/products_tech_note09186a00800a65d1.shtml

The latest IOS from 2010 - downloaded from Cisco:

12.4.25d --> c1700-k9o3sy7-mz.124-25d.bin

After a few weeks we found this info in our VPN logs:

Jun 11 13:21:06 CDT: %C1700_EM-1-ERROR: packet-rx error: ESP sequence fail, id 66, pool offset 0

Jun 11 13:21:59 CDT: %ALIGN-3-SPURIOUS: Spurious memory access made at 0x814E0FD8 reading 0x310

Jun 11 13:21:59 CDT: %ALIGN-3-TRACE: -Traceback= 814E0FD8 812A8D9C 812B8CD0 812B65CC 812B6654 812B6824 812B692C 812B80A4

Else - we cannot pinpoint the issue after rebooting and further reviewing our logs on the router.

Does anyone have any further commands or info as to how we can diagnose?

Or should we just upgrade the IOS?

Are there any configuration glitches or issues w/ an IOS upgrade from 12.3 to 12.4?

BTW:

Cisco has dropped support on the 1721 - we cannot purchase a Smartnet contract either.

Any help is appreciated!

Thx.

-SP

1 Accepted Solution

Accepted Solutions

hobbe
Level 7
Level 7

Hi

This is for a Company right ?

Right off the bat the unit have been eos since 2007, that means that there is no support and no help from cisco anymore.

To even spend 2 minutes of your time on that unit is just wrong.

Change the 1721 to a unit that there is the possibility to get support and that works.

It does not matter if the unit "worked before" or if the problem is the other guys or not.

the basic facts are.

You cost money!  The breakdowns cost money !  Now you have to ask yourself how long before you break even on a new unit price ? over something that does not even have the possibillity to be supported anymore.

if you do not want to buy a new unit for full price, get a refurbished.

The 1721 was replaced by the 1841 if I do not remember wrong.

You can get refurbished 1841 routers for a reasonable price, they have been around for a while, or even better a 1900 series router and you are set for the future.

I do not know what type off link you have, but the 1721 have a limit of aprox 12 000 pps, ie it is rated for aprox 6Mbit, add vpn and 2 way communication and you are down to aprox 2 Mbit.

could this be the problem ?

If this would have been your own personal site or something like that then I would state that sure go ahead and do a proper analasysis but for a company the economic side puts it to a bad idea very quickly

Good luck

HTH

View solution in original post

4 Replies 4

fb_webuser
Level 6
Level 6

When you start gettimg traceback errors, usually due to memory leaks, it is time to upgrade the IOS...

---

Posted by WebUser Neeraj Jagga from Cisco Support Community App

Hi-

We upgraded the IOS tonight - as sugggested - still having timeouts and issues with connection to our vendor.

And noone is even using the VPN at present!

Here is what we uploaded - latest 1721 IOS --> c1700-k9o3sy7-mz.124-25d.bin.

We also have the "same" issue with our other office in another location(+ diff ISP) - they have a 1721 as well.

Seems as if there is an issue out on the internet or at our Vendors site - their VPN device or network equip.

We are not sure what to do next - thought of setting up anpother VPN tunnel to our provider from our PIX to prove our site is not at fault.

Any other ideas?

Thx much.

-SP

hobbe
Level 7
Level 7

Hi

This is for a Company right ?

Right off the bat the unit have been eos since 2007, that means that there is no support and no help from cisco anymore.

To even spend 2 minutes of your time on that unit is just wrong.

Change the 1721 to a unit that there is the possibility to get support and that works.

It does not matter if the unit "worked before" or if the problem is the other guys or not.

the basic facts are.

You cost money!  The breakdowns cost money !  Now you have to ask yourself how long before you break even on a new unit price ? over something that does not even have the possibillity to be supported anymore.

if you do not want to buy a new unit for full price, get a refurbished.

The 1721 was replaced by the 1841 if I do not remember wrong.

You can get refurbished 1841 routers for a reasonable price, they have been around for a while, or even better a 1900 series router and you are set for the future.

I do not know what type off link you have, but the 1721 have a limit of aprox 12 000 pps, ie it is rated for aprox 6Mbit, add vpn and 2 way communication and you are down to aprox 2 Mbit.

could this be the problem ?

If this would have been your own personal site or something like that then I would state that sure go ahead and do a proper analasysis but for a company the economic side puts it to a bad idea very quickly

Good luck

HTH

Scott Pichelman
Level 1
Level 1

Hi Guys-

Upgraded the OS an it did not help matters w/ our perf issues. Found out that we have streaming audio/video is part of the problem slowing down the connection since out internet traffic travels over the same ISP/ connection.

We suspect internet and/or vendor server/network perf issues on the other side of the VPN as well.

I agree that we should nt waster time on an old rotuer - we will not be using this device anymore in the next 6months - yr.

It's only function was to allow VPN access & NAT'ing to a vendor site.

Thanks for your help and insight.

-SP

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco