cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1823
Views
4
Helpful
8
Replies

Internet drop connection - 2Mbps LeasedLine

cheonghomtai
Level 1
Level 1

Hi,

Got leased line but recently have many time-out based on user internet access.

Even when few users, this happens.

Few things I notice:

A] LAN - lots of errors, replacing cable also same issue.

R2811#sh int fa0/0

FastEthernet0/0 is up, line protocol is up

  Hardware is MV96340 Ethernet, address is 0018.ba0a.6cf0 (bia 0018.ba0a.6cf0)

  Description: OFFICE-LAN1$FW_INSIDE$

  Internet address is 192.168.100.254/24

  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,

     reliability 253/255, txload 1/255, rxload 1/255

  Encapsulation ARPA, loopback not set

  Keepalive set (10 sec)

  Full-duplex, 100Mb/s, 100BaseTX/FX

  ARP type: ARPA, ARP Timeout 04:00:00

  Last input 00:00:00, output 00:00:00, output hang never

  Last clearing of "show interface" counters never

  Input queue: 0/75/240/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 155000 bits/sec, 106 packets/sec

  5 minute output rate 459000 bits/sec, 91 packets/sec

     63314972 packets input, 1816524137 bytes

     Received 984419 broadcasts, 0 runts, 0 giants, 13 throttles

     2623092 input errors, 0 CRC, 0 frame, 0 overrun, 2623092 ignored

     0 watchdog

     0 input packets with dribble condition detected

     64916648 packets output, 929622535 bytes, 0 underruns

     0 output errors, 0 collisions, 0 interface resets

     23385 unknown protocol drops

     0 babbles, 0 late collision, 0 deferred

     0 lost carrier, 0 no carrier

     0 output buffer failures, 0 output buffers swapped out

B] WAN - some dropped output

Serial0/2/0:0 is up, line protocol is up
  Hardware is GT96K Serial
  Description: E1-Controller WAN Link$FW_OUTSIDE$
  Internet address is 6x.x.x.x/30
  MTU 1500 bytes, BW 1984 Kbit/sec, DLY 20000 usec,
     reliability 255/255, txload 11/255, rxload 59/255
  Encapsulation HDLC, loopback not set
  Keepalive set (10 sec)
  CRC checking enabled
  Last input 00:00:00, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/17726/0 (size/max/drops/flushes); Total output drops: 31810
  Queueing strategy: weighted fair
  Output queue: 0/1000/64/31778 (size/max total/threshold/drops)
     Conversations  0/123/256 (active/max active/max total)
     Reserved Conversations 0/0 (allocated/max allocated)
     Available Bandwidth 1488 kilobits/sec
  5 minute input rate 460000 bits/sec, 102 packets/sec
  5 minute output rate 91000 bits/sec, 80 packets/sec
     68912325 packets input, 682636600 bytes, 0 no buffer
     Received 151541 broadcasts, 0 runts, 0 giants, 0 throttles
     573 input errors, 573 CRC, 82 frame, 81 overrun, 0 ignored, 488 abort
     69701131 packets output, 910813236 bytes, 0 underruns
     0 output errors, 0 collisions, 5 interface resets
     0 unknown protocol drops
     0 output buffer failures, 0 output buffers swapped out
     4 carrier transitions
  Timeslot(s) Used:1-31, SCC: 0, Transmitter delay is 0 flags

C] High Reassembly

R2811#sh ip virtual-reassembly
FastEthernet0/0:
Virtual Fragment Reassembly (VFR) is ENABLED...
Concurrent reassemblies (max-reassemblies): 128
Fragments per reassembly (max-fragments): 32
Reassembly timeout (timeout): 3 seconds
Drop fragments: OFF

Current reassembly count:0
Current fragment count:0
Total reassembly count:3001309
Total reassembly timeout count:134

Serial0/2/0:0:
Virtual Fragment Reassembly (VFR) is ENABLED...
Concurrent reassemblies (max-reassemblies): 128
Fragments per reassembly (max-fragments): 32
Reassembly timeout (timeout): 5 seconds
Drop fragments: OFF

Current reassembly count:0
Current fragment count:0
Total reassembly count:526034
Total reassembly timeout count:7650

Any ideas what can be done on this?

Thanks,

Hom

8 Replies 8

sean_evershed
Level 7
Level 7

Without understanding your whole infrastructure if you paste the errors from FA0/0 into the Cisco Output Interpreter tool you get the following results:

WARNING: 2623092 packets have been 'ignored' by the interface because the interface

  hardware ran low on internal buffers.

  TRY THIS: Monitor the ignored packets over time. If they are increasing, paste

  the output from the 'show buffers' command into Output Interpreter to see if

  the buffers can be tuned. Also, compare with the 'no buffer' counter and input/output

  queue drops. Broadcast storms can cause the 'ignored' counter to increment.

Here's the config on interface.

FA0/0 - LAN, S0/2/0:0 WAN (VWIC-2MFT-E1-DI) via Fiber to Provider.

interface FastEthernet0/0
description OFFICE-LAN1$FW_INSIDE$
ip address 192.168.100.254 255.255.255.0
no ip redirects
no ip unreachables
ip nbar protocol-discovery
ip flow ingress
ip nat inside
ip virtual-reassembly max-reassemblies 128
zone-member security ZONE-1
duplex auto
speed auto
ipv6 address 2002:xxxx::/64
ipv6 enable
no mop enabled
service-policy input POLICY1
end

ISR2811#
ISR2811#
ISR2811#sh run int s0/2/0:0
Building configuration...

Current configuration : 368 bytes
!
interface Serial0/2/0:0
description E1-Controller WAN Link$FW_OUTSIDE$
ip address 6x.x.x.x 255.255.255.252
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly max-reassemblies 128 timeout 5
zone-member security ZONE-3
snmp trap ip verify drop-rate
no cdp enable
end

I have tried modifying the reassembly, to lower the reassembly but not much difference.

How do you get buffer into Output Interpreter? Thks.

Leo Laohoo
Hall of Fame
Hall of Fame

R2811#sh int fa0/0

FastEthernet0/0 is up, line protocol is up

  Hardware is MV96340 Ethernet, address is 0018.ba0a.6cf0 (bia 0018.ba0a.6cf0)

  Description: OFFICE-LAN1$FW_INSIDE$

  Internet address is 192.168.100.254/24

  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,

  reliability 253/255, txload 1/255, rxload 1/255

You have a possible Layer-1 issue.

Now the reliability is 255/255.

So could not be L1 issue rite.

Now the reliability is 255/255.

So could not be L1 issue rite.

I beg to differ.  NOW the reliability to 255/255.  But when the lines "falter", that number goes down.  If you don't trust me, get a TDR done.  The "reliability" numbers are suppose to stay fixed at 255.  I've seen alot of these to know when I'm dealing with a Layer 1 issue.

Plus look at your line errors on this particular interface.  You have nothing but input errors.  No CRC. 

Hi Thanks for the info,

I have cleared the interface yesterday:

FastEthernet0/0 is up, line protocol is up

  Hardware is MV96340 Ethernet, address is 0018.ba0a.6cf0 (bia 0018.ba0a.6cf0)

  Description: OFFICE-LAN1$FW_INSIDE$

  Internet address is 192.168.100.254/24

  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation ARPA, loopback not set

  Keepalive set (10 sec)

  Full-duplex, 100Mb/s, 100BaseTX/FX

  ARP type: ARPA, ARP Timeout 04:00:00

  Last input 00:00:00, output 00:00:00, output hang never

  Last clearing of "show interface" counters 1d02h

  Input queue: 1/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 25000 bits/sec, 13 packets/sec

  5 minute output rate 59000 bits/sec, 8 packets/sec

     2620428 packets input, 533445048 bytes

     Received 90467 broadcasts, 0 runts, 0 giants, 0 throttles

     87832 input errors, 0 CRC, 0 frame, 0 overrun, 87832 ignored

     0 watchdog

     0 input packets with dribble condition detected

     2357032 packets output, 1836221838 bytes, 0 underruns

     0 output errors, 0 collisions, 0 interface resets

     6564 unknown protocol drops

     0 babbles, 0 late collision, 0 deferred

     0 lost carrier, 0 no carrier

     0 output buffer failures, 0 output buffers swapped out

So for a day, 87,832 errors out of 2,620,428 = 3.3%

Is that the right way to count?

Also, my INSIDE interface going OUTSIDE have Zone-Pair applied:

So far, it has processed the inspect but I don't see the match traffic like http, dns, etc.

Not sure if the half-session is making the session time-out or slowed?

Here the policy map:

policy-map type inspect A_OUTBOUND_INTERNET

class type inspect 0_INVALID_CLASS

  drop log

class type inspect 1_INTERNET_CLASS

  inspect

class type inspect 2_TORRENT_CLASS

  drop

class type inspect 4_IPSEC_CLASS

  pass

class type inspect 5_ICMP_OUT

  inspect

class class-default

  pass

policy exists on zp ZP1-3

Zone-pair: ZP1-3

  Service-policy inspect : A_OUTBOUND_INTERNET

    Class-map: 0_INVALID_CLASS (match-all)

      Match: access-group name INVALID_LIST

      Drop

        0 packets, 0 bytes

    Class-map: 1_INTERNET_CLASS (match-all)

      Match: class-map match-any CLASS_INTERNET

        Match: protocol dns

          0 packets, 0 bytes

          30 second rate 0 bps

        Match: protocol ftp

          0 packets, 0 bytes

          30 second rate 0 bps

        Match: protocol telnet

          0 packets, 0 bytes

          30 second rate 0 bps

        Match: protocol h323

          0 packets, 0 bytes

          30 second rate 0 bps

        Match: protocol http

          0 packets, 0 bytes

          30 second rate 0 bps

        Match: protocol https

          0 packets, 0 bytes

          30 second rate 0 bps

        Match: protocol pop3

          0 packets, 0 bytes

          30 second rate 0 bps

        Match: protocol smtp extended

          0 packets, 0 bytes

          30 second rate 0 bps

        Match: protocol vdolive

          0 packets, 0 bytes

          30 second rate 0 bps

        Match: protocol tcp

          0 packets, 0 bytes

          30 second rate 0 bps

        Match: protocol udp

          0 packets, 0 bytes

          30 second rate 0 bps

        Match: protocol icmp

          0 packets, 0 bytes

          30 second rate 0 bps

   Inspect

        Packet inspection statistics [process switch:fast switch]

        tcp packets: [3368922:76477324]

        udp packets: [6592324:35690739]

        icmp packets: [1422:77117]

        Session creations since subsystem startup or last reset 9632576

        Current session counts (estab/half-open/terminating) [674:16:166]

        Maxever session counts (estab/half-open/terminating) [3843:3171:733]

        Last session created 00:00:00

        Last statistic reset never

        Last session creation rate 127

        Maxever session creation rate 5380

        Last half-open session total 16

That input error is pretty high for me to stomach. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: