Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DSL bandwidth issue 3600 platform

Status
Not open for further replies.
downloadkid

downloadkid

IS-IT--Management
Dec 12, 2004
71
0
0
GB
Morning people
got a problem I hope you can advise me on.

sometime back I purchased a 3620 with a dual fast ethernet module and a WIC1-ADSL daughter card. Through it I get a around a constant 840KB/s which is the max i can get from my ISP. Never had any problems.

I recently purchased a 3640 with max memory so I could try out some of the larger 'enterprise' images and their features. I swapped the modules from the 3620 tot the 3640, set it up no problems all worked like the 3620......until recently.

I downloaded the SDM utility and installed it - now I am only able to get a max bandwidth of 300KB/s. No matter what I do I can't get the 3640 to download faster.

What I have done;
I deleted the startup-config replacing it with a 'clean' known to work backup - no good
I deleted all the SDM files from flash followed by a squeeze flash
I wrote-erased
I changed the IOS to a base IP plus version
Changed the reg to force a clean boot then setup a base config, nothing seems to work!

So I'm back to square one, I've reinstalled the original IOS and SDM.
There are no QoS policies set - according to SDM
There is no net flow set - according to SDM
ATM is not showing any drops

Below is a copy run any advise greatly appreciated!!

Current configuration : 8611 bytes
!
! Last configuration change at 07:35:30 PCTime Tue Aug 28 2007
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Router3640
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
enable secret xxxxx
enable password xxxxx
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authorization exec local_author local
!
aaa session-id common
!
resource policy
!
memory-size iomem 10
clock timezone PCTime 0
no ip source-route
no ip rcmd domain-lookup
ip tcp synwait-time 10
!
!
ip cef
ip domain name lookup
ip name-server 192.168.0.253
!
!
no ip bootp server
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW dns
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW imap
ip inspect name SDM_LOW pop3
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW esmtp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp
ip inspect name SDM_LOW udp
ip inspect name SDM_LOW vdolive
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
crypto pki trustpoint TP-self-signed-xxxxxx
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-xxxxxxx
revocation-check none
rsakeypair TP-self-signed-xxxxxx
!
crypto pki trustpoint tti
revocation-check crl
rsakeypair tti
!
!
crypto pki certificate chain TP-self-signed-xxxxx
certificate self-signed 01
30820244 308201AD A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 36393230 38313830 39301E17 0D303730 38323631 35326234
395A170D 32303031 30313530 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3639 32303831
38303930 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
CD325847 54D642B7 362ABD4E CA678A38 A1DC734B C00BED1F B596F336 DD0EF29F
71D3EE6F FD7F8953 xxxxxxxx 7D2F0992 882D46D2 40D2E7B9 9026E727 52654D24
4FB93D3A CB3B0DD0 82F7C051 DE78A329 9010A3B8 BF7475FD C3EA08C7 503631ED
98016083 99D27EBF FC118E7C 2964F526 A00503F2 3183600B DE216FDE 9F32954F
02030100 01A36E30 6C300F06 03551D13 0101FF04 05300301 01FF3019 0603551D
11041230 10820E47 61746577 61792E6C 6F6F6B75 70301F06 03551D23 04183016
80147CC4 6A8B9CF8 B1653FAD 41640B85 xxxxxxxx 1F09301D 0603551D 0E041604
147CC46A 8B9CF8B1 653FAD41 640B85BC 7CF0B91F 09300D06 092A8648 86F70D01
01040500 03818100 7B4CE6FF 94D439D4 670B2F86 AC4BDD03 A75CAEF2 FE9CE74C
DEF1BDFE D9E5B4B7 C1085513 C441C35B 16A7EB3A D6CD148C 78F136FE 01242813
02ADCA9A C6EA251A A4C7DACC 1E0F666A A5FFBEFD FF9C24F0 2628E4E5 731FDDF3
09BC239C 6CC54DD1 3902A29D 2099D021 357714FC 9160B465 C4CD5539 4A386F81
A40975DE 54087A9E
quit
crypto pki certificate chain tti
!
!
!
!
!
!
!
!
!
!
!
username xxxxxxx privilege 15 password 7 xxxxxxxxx
!
!
!
!
!
!
interface Null0
no ip unreachables
!
interface ATM0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
dsl enable-training-log
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0/0
description $ETH-LAN$$FW_INSIDE$
ip address 192.168.0.254 255.255.255.0
ip access-group 100 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
no cdp enable
no mop enabled
!
interface FastEthernet0/1
description DMZ
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
shutdown
duplex auto
speed auto
no cdp enable
no mop enabled
!
interface Dialer1
description $FW_OUTSIDE$
bandwidth 70000
ip address negotiated
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip inspect SDM_LOW out
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
ppp chap hostname xxxxxxxx
ppp chap password xxxxxxxx
!
ip http server
ip http access-class 3
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 Dialer1
ip flow-top-talkers
top 10
sort-by bytes
!
!
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 192.168.0.253 21 xxx.xxx.xxx.xxx 21 extendable
ip nat inside source static tcp 192.168.0.252 43 xxx.xxx.xxx.xxx 43 extendable
ip nat inside source static tcp 192.168.0.253 47 xxx.xxx.xxx.xxx 47 extendable
ip nat inside source static tcp 192.168.0.253 80 xxx.xxx.xxx.xxx 80 extendable
ip nat inside source static tcp 192.168.0.253 1723 xxx.xxx.xxx.xxx 1723 extendabl
e
ip nat inside source static tcp 192.168.0.253 3389 xxx.xxx.xxx.xxx 3389 extendabl
e
ip nat inside source static tcp 192.168.0.253 6129 xxx.xxx.xxx.xxx 6129 extendabl
e
ip nat inside source static udp 192.168.0.253 8767 xxx.xxx.xxx.xxx 8767 extendabl
e
ip nat inside source static udp 192.168.0.253 15567 xxx.xxx.xxx.xxx 15567 extenda
ble
ip nat inside source static tcp 192.168.0.253 27015 xxx.xxx.xxx.xxx 27015 extenda
ble
ip nat inside source static udp 192.168.0.253 27015 xxx.xxx.xxx.xxx 27015 extenda
ble
ip nat inside source static tcp 192.168.0.253 27016 xxx.xxx.xxx.xxx 27016 extenda
ble
ip nat inside source static udp 192.168.0.253 27016 xxx.xxx.xxx.xxx 27016 extenda
ble
!
logging trap debugging
logging 192.168.0.253
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 2 permit 192.168.0.0 0.0.0.255
access-list 3 remark HTTP Access-class list
access-list 3 remark SDM_ACL Category=1
access-list 3 permit 192.168.0.0 0.0.0.255
access-list 3 deny any
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 remark Auto generated by SDM for NTP (123) 192.168.0.253
access-list 100 permit udp host 192.168.0.253 eq ntp host 192.168.0.254 eq ntp
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by SDM firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 permit udp any host xxx.xxx.xxx.xxx eq 27016
access-list 101 permit tcp any host xxx.xxx.xxx.xxx eq 27016
access-list 101 permit udp any host xxx.xxx.xxx.xxx eq 27015
access-list 101 permit tcp any host xxx.xxx.xxx.xxx eq 27015
access-list 101 permit udp any host xxx.xxx.xxx.xxx eq 15567
access-list 101 permit udp any host xxx.xxx.xxx.xxx eq 8767
access-list 101 permit tcp any host xxx.xxx.xxx.xxx eq 6129
access-list 101 permit tcp any host xxx.xxx.xxx.xxx eq 3389
access-list 101 permit tcp any host xxx.xxx.xxx.xxx eq 1723
access-list 101 permit tcp any host xxx.xxx.xxx.xxx eq www
access-list 101 permit tcp any host xxx.xxx.xxx.xxx eq 47
access-list 101 permit tcp any host xxx.xxx.xxx.xxx eq whois
access-list 101 permit tcp any host xxx.xxx.xxx.xxx eq ftp
access-list 101 deny ip 192.168.0.0 0.0.0.255 any
access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any time-exceeded
access-list 101 permit icmp any any unreachable
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip host 0.0.0.0 any
access-list 101 deny ip any any log
no cdp run
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
password 7 xxxxxxxxxxxxxxxxxx
login authentication local_authen
transport output telnet
line aux 0
password 7 xxxxxxxxxxxxxxxxx
login authentication local_authen
transport output telnet
line vty 0 4
access-class 2 in
password 7 xxxxxxxxxxxxxxxx
authorization exec local_author
login authentication local_authen
transport input telnet ssh
!
scheduler allocate 4000 1000
ntp clock-period 17179961
ntp server 192.168.0.253 source FastEthernet0/0 prefer
!
end

 
Sort by date Sort by votes
We found that the ip virtual reassembly command can really slow things down , you might want to try and pull that out and see if anything changes . Not even sure what it is supposed to do , some kind of security thing .
 
Upvote 0 Downvote
No that didn't work - still capping at 300KB/s
 
Upvote 0 Downvote
Why is the ppp config on atm0/0 instead of a subinterface? Also, why did you set the bandwidth on atm0/0?
You may want to enable cef on all the interfaces, as well as ...
router(config)#int fa0/0
router(config-if)#ip mtu 1492
router(config-if)#exit
router(config)#int fa0/1
router(config-if)#ip mtu 1492
router(config-if)#exit
router(config)#int di1
router(config-if)#ip tcp adjust-mss 1452
router(config-if)#end
router#wr
To enable Cisco Express Forwarding (CEF), just go on the interfaces, one by one...
router(config)#int di1
router(config-if)#ip cef
router(config)#int fa0/0
router(config-if)#ip cef
router(config)#int fa0/1
router(config-if)#ip cef
router(config)#end
router#wr
Notice after "ip cef", it will automatically exit out of interface config mode into global confg mode each time.

Burt
 
Upvote 0 Downvote
Okay---that was one of my biggest brain farts to date...cef is configured in blobal config mode, not on the interfaces...sorry.

Burt
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

phonedudeSr
  • Locked
  • Question
Cisco Unity Connection Subscriber issue
Replies
2
Views
57
phonedudeSr
phonedudeSr
pbxnkey
  • Locked
  • Question
Reduced Bandwidth on Cisco 3550
Replies
6
Views
86
ADB100
ADB100
HollTel
  • Locked
  • Question
Cisco UC520 Shared Line issue
Replies
0
Views
39
HollTel
HollTel
acollard83
  • Locked
  • Question
Cisco 6509 WS-X6704-10GE Issue
Replies
3
Views
71
mattKnight
mattKnight
dmourghen
  • Locked
  • Question
PBR issue and Access-list
Replies
0
Views
46
dmourghen
dmourghen

Part and Inventory Search

Sponsor

Back
Top