03-04-2012 07:13 PM - edited 03-04-2019 03:32 PM
Hi,
Got leased line but recently have many time-out based on user internet access.
Even when few users, this happens.
Few things I notice:
A] LAN - lots of errors, replacing cable also same issue.
R2811#sh int fa0/0
FastEthernet0/0 is up, line protocol is up
Hardware is MV96340 Ethernet, address is 0018.ba0a.6cf0 (bia 0018.ba0a.6cf0)
Description: OFFICE-LAN1$FW_INSIDE$
Internet address is 192.168.100.254/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 253/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/240/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 155000 bits/sec, 106 packets/sec
5 minute output rate 459000 bits/sec, 91 packets/sec
63314972 packets input, 1816524137 bytes
Received 984419 broadcasts, 0 runts, 0 giants, 13 throttles
2623092 input errors, 0 CRC, 0 frame, 0 overrun, 2623092 ignored
0 watchdog
0 input packets with dribble condition detected
64916648 packets output, 929622535 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
23385 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
B] WAN - some dropped output
Serial0/2/0:0 is up, line protocol is up
Hardware is GT96K Serial
Description: E1-Controller WAN Link$FW_OUTSIDE$
Internet address is 6x.x.x.x/30
MTU 1500 bytes, BW 1984 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 11/255, rxload 59/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
CRC checking enabled
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/17726/0 (size/max/drops/flushes); Total output drops: 31810
Queueing strategy: weighted fair
Output queue: 0/1000/64/31778 (size/max total/threshold/drops)
Conversations 0/123/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1488 kilobits/sec
5 minute input rate 460000 bits/sec, 102 packets/sec
5 minute output rate 91000 bits/sec, 80 packets/sec
68912325 packets input, 682636600 bytes, 0 no buffer
Received 151541 broadcasts, 0 runts, 0 giants, 0 throttles
573 input errors, 573 CRC, 82 frame, 81 overrun, 0 ignored, 488 abort
69701131 packets output, 910813236 bytes, 0 underruns
0 output errors, 0 collisions, 5 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
4 carrier transitions
Timeslot(s) Used:1-31, SCC: 0, Transmitter delay is 0 flags
C] High Reassembly
R2811#sh ip virtual-reassembly
FastEthernet0/0:
Virtual Fragment Reassembly (VFR) is ENABLED...
Concurrent reassemblies (max-reassemblies): 128
Fragments per reassembly (max-fragments): 32
Reassembly timeout (timeout): 3 seconds
Drop fragments: OFF
Current reassembly count:0
Current fragment count:0
Total reassembly count:3001309
Total reassembly timeout count:134
Serial0/2/0:0:
Virtual Fragment Reassembly (VFR) is ENABLED...
Concurrent reassemblies (max-reassemblies): 128
Fragments per reassembly (max-fragments): 32
Reassembly timeout (timeout): 5 seconds
Drop fragments: OFF
Current reassembly count:0
Current fragment count:0
Total reassembly count:526034
Total reassembly timeout count:7650
Any ideas what can be done on this?
Thanks,
Hom
03-04-2012 07:57 PM
Without understanding your whole infrastructure if you paste the errors from FA0/0 into the Cisco Output Interpreter tool you get the following results:
WARNING: 2623092 packets have been 'ignored' by the interface because the interface
hardware ran low on internal buffers.
TRY THIS: Monitor the ignored packets over time. If they are increasing, paste
the output from the 'show buffers' command into Output Interpreter to see if
the buffers can be tuned. Also, compare with the 'no buffer' counter and input/output
queue drops. Broadcast storms can cause the 'ignored' counter to increment.
03-04-2012 10:34 PM
Here's the config on interface.
FA0/0 - LAN, S0/2/0:0 WAN (VWIC-2MFT-E1-DI) via Fiber to Provider.
interface FastEthernet0/0
description OFFICE-LAN1$FW_INSIDE$
ip address 192.168.100.254 255.255.255.0
no ip redirects
no ip unreachables
ip nbar protocol-discovery
ip flow ingress
ip nat inside
ip virtual-reassembly max-reassemblies 128
zone-member security ZONE-1
duplex auto
speed auto
ipv6 address 2002:xxxx::/64
ipv6 enable
no mop enabled
service-policy input POLICY1
end
ISR2811#
ISR2811#
ISR2811#sh run int s0/2/0:0
Building configuration...
Current configuration : 368 bytes
!
interface Serial0/2/0:0
description E1-Controller WAN Link$FW_OUTSIDE$
ip address 6x.x.x.x 255.255.255.252
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly max-reassemblies 128 timeout 5
zone-member security ZONE-3
snmp trap ip verify drop-rate
no cdp enable
end
I have tried modifying the reassembly, to lower the reassembly but not much difference.
How do you get buffer into Output Interpreter? Thks.
03-04-2012 08:00 PM
R2811#sh int fa0/0
FastEthernet0/0 is up, line protocol is up
Hardware is MV96340 Ethernet, address is 0018.ba0a.6cf0 (bia 0018.ba0a.6cf0)
Description: OFFICE-LAN1$FW_INSIDE$
Internet address is 192.168.100.254/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 253/255, txload 1/255, rxload 1/255
You have a possible Layer-1 issue.
03-05-2012 11:53 PM
Now the reliability is 255/255.
So could not be L1 issue rite.
03-06-2012 07:49 PM
Now the reliability is 255/255.
So could not be L1 issue rite.
I beg to differ. NOW the reliability to 255/255. But when the lines "falter", that number goes down. If you don't trust me, get a TDR done. The "reliability" numbers are suppose to stay fixed at 255. I've seen alot of these to know when I'm dealing with a Layer 1 issue.
Plus look at your line errors on this particular interface. You have nothing but input errors. No CRC.
03-07-2012 10:32 PM
Hi Thanks for the info,
I have cleared the interface yesterday:
FastEthernet0/0 is up, line protocol is up
Hardware is MV96340 Ethernet, address is 0018.ba0a.6cf0 (bia 0018.ba0a.6cf0)
Description: OFFICE-LAN1$FW_INSIDE$
Internet address is 192.168.100.254/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters 1d02h
Input queue: 1/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 25000 bits/sec, 13 packets/sec
5 minute output rate 59000 bits/sec, 8 packets/sec
2620428 packets input, 533445048 bytes
Received 90467 broadcasts, 0 runts, 0 giants, 0 throttles
87832 input errors, 0 CRC, 0 frame, 0 overrun, 87832 ignored
0 watchdog
0 input packets with dribble condition detected
2357032 packets output, 1836221838 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
6564 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
So for a day, 87,832 errors out of 2,620,428 = 3.3%
Is that the right way to count?
03-07-2012 10:39 PM
Also, my INSIDE interface going OUTSIDE have Zone-Pair applied:
So far, it has processed the inspect but I don't see the match traffic like http, dns, etc.
Not sure if the half-session is making the session time-out or slowed?
Here the policy map:
policy-map type inspect A_OUTBOUND_INTERNET
class type inspect 0_INVALID_CLASS
drop log
class type inspect 1_INTERNET_CLASS
inspect
class type inspect 2_TORRENT_CLASS
drop
class type inspect 4_IPSEC_CLASS
pass
class type inspect 5_ICMP_OUT
inspect
class class-default
pass
policy exists on zp ZP1-3
Zone-pair: ZP1-3
Service-policy inspect : A_OUTBOUND_INTERNET
Class-map: 0_INVALID_CLASS (match-all)
Match: access-group name INVALID_LIST
Drop
0 packets, 0 bytes
Class-map: 1_INTERNET_CLASS (match-all)
Match: class-map match-any CLASS_INTERNET
Match: protocol dns
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol ftp
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol telnet
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol h323
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol http
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol https
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol pop3
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol smtp extended
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol vdolive
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol tcp
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol udp
0 packets, 0 bytes
30 second rate 0 bps
Match: protocol icmp
0 packets, 0 bytes
30 second rate 0 bps
Inspect
Packet inspection statistics [process switch:fast switch]
tcp packets: [3368922:76477324]
udp packets: [6592324:35690739]
icmp packets: [1422:77117]
Session creations since subsystem startup or last reset 9632576
Current session counts (estab/half-open/terminating) [674:16:166]
Maxever session counts (estab/half-open/terminating) [3843:3171:733]
Last session created 00:00:00
Last statistic reset never
Last session creation rate 127
Maxever session creation rate 5380
Last half-open session total 16
03-09-2012 01:53 PM
That input error is pretty high for me to stomach.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: