Bottleneck on serial port!

[crleacock]

Hello all! I've got two Cisco 2500 routers that are each connected to the internet. When I ping their serial ports from the outside I get an extremely slow response time. Also, when I ping anything on the outside from the routers I get an extremely slow response time. Any thoughts? I've posted the config below.

Using 2014 out of 32762 bytes

version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service udp-small-servers
service tcp-small-servers

hostname Router2

ip subnet-zero
ip name-server 65.24.0.165



interface Ethernet0
ip address 172.16.1.3 255.255.255.0
no ip directed-broadcast
ip nat inside

interface Serial0
ip address 24.123.159.54 255.255.255.252
no ip directed-broadcast
ip nat outside
encapsulation ppp

interface Serial1
no ip address
no ip directed-broadcast
no ip route-cache
no ip mroute-cache
shutdown

ip nat pool roadrunner 24.123.159.54 24.123.159.54 netmask 255.255.255.252
ip nat inside source list 1 pool roadrunner overload
ip classless
ip route 0.0.0.0 0.0.0.0 24.123.159.53


ip access-list extended inboundfilters
permit tcp any host 204.210.247.206 eq telnet
evaluate tcptraffic
evaluate icmptraffic
evaluate udptraffic
evaluate iptraffic
permit ip any host 24.123.158.52
permit ip any host 24.123.158.53
permit ip any host 24.123.158.54
permit ip any host 24.123.158.55
permit icmp any host 24.123.158.52
permit icmp any host 24.123.158.53
permit icmp any host 24.123.158.54
permit icmp any host 24.123.158.55
ip access-list extended outboundfilters
permit tcp any any reflect tcptraffic
permit udp any any reflect udptraffic
permit icmp any any reflect icmptraffic
permit ip any any reflect iptraffic
access-list 1 permit 172.16.1.0 0.0.0.255
access-list 3 deny 24.123.158.61
access-list 3 deny 24.123.158.60
access-list 3 deny 24.123.158.62
access-list 3 deny 24.123.158.57
access-list 3 deny 24.123.158.56
access-list 3 deny 24.123.158.59
access-list 3 deny 24.123.158.58
access-list 3 deny 24.123.158.51
access-list 3 deny 24.123.158.50
access-list 3 permit any

line con 0
password (blocked out)
login
transport input none
line aux 0
transport input all
line vty 0 4
password (blocked out)
login

end

 

[thethmon]

Not sure what your problem could be, but why not skip the nat ip list and just overload the serial interface on the 'ip nat inside source list' command. Can't think of the exact syntax off the top of my head, but I've used it before without problems. Todd Hethmon
thethmon@hethmon.com

 

[rburke]

Also, you might want to check what the clockrate is on which ever router is providing the clockrate. There is no reason to have a slow clockrate if you have them back-to-back. Post the config of the other router as well, with a copy of you ping and traces to show the slow serials.

Burke

 

[crleacock]

Thanks for the replies. Here's the config for the other router. Below it is the result of a ping and below that is the result of a tracert. I haven't been out to the client's site but I'm told that the ethernet port of one of the routers is plugged into a Linksys internet router which is then plugged into the switch. I can't ping the ethernet port of one router from inside the other. I was wondering if this might have something to do with it? Also, I can't find anything in either router about a clockrate. Thanks for helping a novice!

Using 1990 out of 32762 bytes

Version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption

hostname Router

no logging console
enable secret 5 $1$QsYV$Um8cm0pGpU6Yti/3vuXR0.

ip subnet-zero
ip name-server 65.24.0.165



interface Ethernet0
ip address 24.123.158.49 255.255.255.240 secondary
ip address 172.16.1.2 255.255.255.0
no ip directed-broadcast
ip nat inside

interface Serial0
ip address 24.123.159.50 255.255.255.252
no ip directed-broadcast
ip nat outside
encapsulation ppp

interface Serial1
no ip address
no ip directed-broadcast
shutdown

ip nat pool roadrunner 24.123.159.50 24.123.159.50 netmask 255.255.255.252
ip nat inside source list 1 pool roadrunner overload
ip classless
ip route 0.0.0.0 0.0.0.0 24.123.159.49


ip access-list extended inboundfilters
permit tcp any host 204.210.247.206 eq telnet
evaluate tcptraffic
evaluate icmptraffic
evaluate udptraffic
evaluate iptraffic
permit ip any host 24.123.158.52
permit ip any host 24.123.158.53
permit ip any host 24.123.158.54
permit ip any host 24.123.158.55
permit icmp any host 24.123.158.52
permit icmp any host 24.123.158.53
permit icmp any host 24.123.158.54
permit icmp any host 24.123.158.55
ip access-list extended outboundfilters
permit tcp any any reflect tcptraffic
permit udp any any reflect udptraffic
permit icmp any any reflect icmptraffic
permit ip any any reflect iptraffic
access-list 1 permit 172.16.1.0 0.0.0.255
access-list 3 deny 24.123.158.61
access-list 3 deny 24.123.158.60
access-list 3 deny 24.123.158.62
access-list 3 deny 24.123.158.57
access-list 3 deny 24.123.158.56
access-list 3 deny 24.123.158.59
access-list 3 deny 24.123.158.58
access-list 3 deny 24.123.158.51
access-list 3 deny 24.123.158.50
access-list 3 permit any

line con 0
password (blocked out)
login
transport input none
line aux 0
line vty 0 4
password (blocked out)
login

end
-------------------------
Ping Results!

Pinging 24.123.159.54 with 32 bytes of data:

Reply from 24.123.159.54: bytes=32 time=100ms TTL=241
Reply from 24.123.159.54: bytes=32 time=90ms TTL=241
Reply from 24.123.159.54: bytes=32 time=91ms TTL=241
Reply from 24.123.159.54: bytes=32 time=90ms TTL=241
-------------------------------------
Tracert Results!

Tracing route to rrcs-central-24-123-159-54.biz.rr.com [24.123.159.54] over a maximum of 30 hops:

1 <10 ms 10 ms <10 ms 192.168.3.4
2 10 ms 20 ms 20 ms 67.96.191.69
3 10 ms 20 ms 20 ms P4-1.a0.chcg.broadwing.net [216.140.14.85]
4 20 ms 20 ms 20 ms 216.140.14.97
5 40 ms 40 ms 40 ms S2-0.C1.6.nwyk.broadwing.net [216.140.17.50]
6 40 ms 40 ms 40 ms 216.140.10.194
7 40 ms 40 ms 40 ms pop1-nye-P7-2.atdn.net [66.185.149.201]
8 40 ms 40 ms 41 ms bb2old-nye-P5-0.atdn.net [66.185.141.18]
9 40 ms 50 ms 50 ms bb2-vie-P8-0.atdn.net [66.185.152.201]
10 90 ms 100 ms 100 ms bb2-col-P3-0.atdn.net [66.185.152.212]
11 91 ms 100 ms 100 ms pop1-col-P6-0.atdn.net [66.185.140.58]
12 80 ms 90 ms 91 ms rr-columbus.atdn.net [66.185.146.254]
13 80 ms 90 ms 90 ms rrcs-central-24-123-159-1.biz.rr.com [24.123.159.1]
14 110 ms 100 ms 90 ms rrcs-central-24-123-159-54.biz.rr.com [24.123.159.54]

Trace complete.

Hope this is what you were talking about. Thanks again!

 

[rburke]

Ok, nevermind about the clockrate stuff... I didn't read the origial post correctly.. my fault. So where are the &quot;extremely high ping times&quot;? If you are talking about the &quot;14 110 ms 100 ms 90 ms rrcs-central-24-123-159-54.biz.rr.com [24.123.159.54]&quot; then it really depends on what kind of service you are paying for. If it was a full T1 then those are probably a bit slow, usually full T1's will run pings in the 80's-low 90's depending on the load at the minute. So, what kind of service do you have with Roadrunner? And is it the same service on each router, or do they have different service plans??

Burke

 

[wybnormal]

Anything under 100mS is deemed acceptable for a cross country frame link. 80 is prefered but 100 will do fine. You are showing 14 hops..

Here is a trace from my box to the same address.. it's a bit *worse* then yours

Hop IP Address Hostname Time Status
1 192.168.xxx.xxx ? 14 11:0:Time To Live (TTL) Exceeded in Transit
2 24.199.xxx.xxxx rrcs-west-24-199-xxx-xxx.biz.rr.com 14 11:0:Time To Live (TTL) Exceeded in Transit
3 * * * No packet received from this hop.
4 24.30.161.149 pos4-0-0.orngca2-rtr1.socal.rr.com 13 11:0:Time To Live (TTL) Exceeded in Transit
5 24.30.161.184 srp4-0.orngca1-gsr1.socal.rr.com 14 11:0:Time To Live (TTL) Exceeded in Transit
6 66.75.161.190 srp2-0.orngca4-gsr1.socal.rr.com 14 11:0:Time To Live (TTL) Exceeded in Transit
7 66.185.137.141 pop1-las-p7-1.atdn.net 27 11:0:Time To Live (TTL) Exceeded in Transit
8 66.185.137.128 bb1-las-p0-0.atdn.net 14 11:0:Time To Live (TTL) Exceeded in Transit
9 66.185.152.27 bb1-pho-p7-0.atdn.net 27 11:0:Time To Live (TTL) Exceeded in Transit
10 66.185.152.37 bb2-pho-p1-0.atdn.net 55 11:0:Time To Live (TTL) Exceeded in Transit
11 66.185.152.106 bb2-hou-p6-0.atdn.net 55 11:0:Time To Live (TTL) Exceeded in Transit
12 66.185.152.152 bb1-hou-p1-0.atdn.net 55 11:0:Time To Live (TTL) Exceeded in Transit
13 66.185.152.184 bb1-atm-p7-0.atdn.net 96 11:0:Time To Live (TTL) Exceeded in Transit
14 66.185.152.183 bb1-cha-p6-0.atdn.net 96 11:0:Time To Live (TTL) Exceeded in Transit
15 66.185.152.29 bb1-vie-p10-0.atdn.net 96 11:0:Time To Live (TTL) Exceeded in Transit
16 66.185.152.210 bb1-col-p3-0.atdn.net 124 11:0:Time To Live (TTL) Exceeded in Transit
17 66.185.140.54 pop1-col-p5-0.atdn.net 137 11:0:Time To Live (TTL) Exceeded in Transit
18 66.185.146.242 rr-columbus.atdn.net 137 11:0:Time To Live (TTL) Exceeded in Transit
19 24.123.159.1 rrcs-central-24-123-159-1.biz.rr.com 138 11:0:Time To Live (TTL) Exceeded in Transit
20 24.123.159.54 rrcs-central-24-123-159-54.biz.rr.com 123 0:0 Echo Reply

TraceRoute Statistics: 32 data bytes to rrcs-central-24-123-159-54.biz.rr.com [24.123.159.54]
Start Time: Wed, 30 Oct 2002 06:38:48
20 packets transmitted, 19 packets received, 5% packet loss
round-trip (ms) min/avg/max = 13/65/138

MikeS Find me at

http://www.packetattack.com

&quot;Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots.&quot;
Sun Tzu

 

[crleacock]

Okay, this ping is what I usually get.

Pinging 24.123.159.54 with 32 bytes of data:

Reply from 24.123.159.54: bytes=32 time=320ms TTL=241
Reply from 24.123.159.54: bytes=32 time=371ms TTL=241
Reply from 24.123.159.54: bytes=32 time=330ms TTL=241
Reply from 24.123.159.54: bytes=32 time=521ms TTL=241

What happens is it gets to this point, they have problems, someone reloads the routers and the time comes back down to normal for a couple days. Then it starts all over again.

 

[wybnormal]

It would be interesting to do this when you have slow response.. before a reload..

show cpu proc

nemesis#show proc cpu
CPU utilization for five seconds: 5%/0%; one minute: 2%; five minutes: 1%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
1 1301820 3914590 332 0.08% 0.01% 0.00% 0 Load Meter
2 652 104 6269 3.09% 0.97% 0.21% 2 Virtual Exec
3 54065608 3761741 14372 0.00% 0.23% 0.25% 0 Check heaps
4 20 16 1250 0.00% 0.00% 0.00% 0 Pool Manager
5 0 2 0 0.00% 0.00% 0.00% 0 Timers
6 8 3 2666 0.00% 0.00% 0.00% 0 Serial Backgroun
7 2386240 973870 2450 0.00% 0.00% 0.00% 0 ARP Input
8 8 2 4000 0.00% 0.00% 0.00% 0 DDR Timers
9 28 2 14000 0.00% 0.00% 0.00% 0 Entity MIB API
:::snip:::

This can give you some insight to what exactly is sucking up the processor time.. which is my guess to why the slow ping.. the last time I saw this, it was a memory leak in the level of code I had and the trigger was a certain config of NAT that I used. I went up one level of code and it went away.

MikeS
Find me at

http://www.packetattack.com

&quot;Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots.&quot;
Sun Tzu

 

[rburke]

What do you mean by &quot;level of code&quot;?

Burke

 

[wybnormal]

up one level instead of a complete release...

ie..

11.3(4) to 11.3(7) is up 3 levels of code.. 11.3 to 12.0 is a completely new release..

There are other ways to say it I'm sure..

MikeS
Find me at

http://www.packetattack.com

&quot;Take advantage of the enemy's unreadiness, make your way by unexpected routes, and attack unguarded spots.&quot;
Sun Tzu

 

[CiscoGod]

Sound's very much like a memory leak issue or a memmory buffer issue on the serial interface. What will really nail it shut,is to do a cisco command:

show memory summary
show memory buffers
show process cpu

Capture the output and run it thru Cisco Output Interpreter for a quick diagnosis of the output. Only problem you have to have a CCO account. If not post your outputs here and I can paste them into the utility.

URL Links:

https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl

CiscoGod

 

[Nocguy]

just to b safe..u might want to look at the linksys part..
make shure u'r gear facing it is not on autosense
duplex mismatch will get u'r gear to negotiate the speed
and do crc's all the time,wich will slow you down

i say this cause i've seen it so much time with
the linksys gear involved,rebooting makes the router negotiate again so it appairs fixed then negotiation
takes place at times and stuff get's worse..

but then again all approach should be looked at..

 

[Nocguy]

forget what i said ,i overlooked the first few line's
of u'r original post

guess i was trigger happy