I'm geting crazy wiyh a Cisco 3620. It was the subject of few weeks ago on this NG. I repost my question hoping to find a solutions. It forward traffic only between 2 eth interfaces. The throughput is close to 100 kbits/sec when it has a 100 Mbit/sec on both the interfaces. If I replace it with a Linux box the throughput jupms to 3,5 Mbits very quietly. All the outputs are made during a very big download (70 MBytes) The total CPU load was at the average of 70 % but not any process shined for CPU load. This all info I can give you:
--------- SH VER ------------------------------------------------------------
Cisco Internetwork Operating System Software IOS (tm) 3600 Software (C3620-IK9O3S7-M), Version 12.3(13a), RELEASE SOFTWARE (fc2) Technical Support:
ROM: System Bootstrap, Version 11.1(7)AX [kuong (7)AX], EARLY DEPLOYMENT RELEASE SOFTWARE (fc2) ROM: 3600 Software (C3620-IK9O3S7-M), Version 12.3(13a), RELEASE SOFTWARE (fc2)
Borderline uptime is 1 week, 1 day, 13 hours, 33 minutes System returned to ROM by power-on System image file is "flash:c3620-ik9o3s7-mz.123-13a.bin"
[CUT]cisco 3620 (R4700) processor (revision 0x81) with 61440K/4096K bytes of memory. Processor board ID 056FT61 R4700 CPU at 80MHz, Implementation 33, Rev 1.0 Bridging software. X.25 software, Version 3.0.0. Basic Rate ISDN software, Version 1.1.
2 Ethernet/IEEE 802.3 interface(s) 1 Serial network interface(s) 4 ISDN Basic Rate interface(s) DRAM configuration is 32 bits wide with parity disabled. 29K bytes of non-volatile configuration memory. 32768K bytes of processor board System flash (Read/Write)----------------------- both SH INT E0/0 and E0/1
--------------------------------
Router#sh int e0/0 Ethernet0/0 is up, line protocol is up Hardware is AmdP2, address is 00e0.1e56.7b61 (bia 00e0.1e56.7b61) Internet address is 134.aaa.154.aaa/24 MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, reliability 254/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:00, output hang never Last clearing of "show interface" counters 00:20:57 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 68000 bits/sec, 13 packets/sec 5 minute output rate 12000 bits/sec, 11 packets/sec 12107 packets input, 9396669 bytes, 0 no buffer Received 800 broadcasts, 0 runts, 0 giants, 0 throttles 121 input errors, 46 CRC, 46 frame, 0 overrun, 75 ignored 0 input packets with dribble condition detected 9613 packets output, 1358134 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out
Ethernet0/1 is up, line protocol is up Hardware is AmdP2, address is 00e0.1e56.7b62 (bia 00e0.1e56.7b62) Internet address is 192.168.32.142/29 MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:02, output 00:00:00, output hang never Last clearing of "show interface" counters 00:21:38 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 5000 bits/sec, 4 packets/sec 5 minute output rate 64000 bits/sec, 6 packets/sec 6431 packets input, 1003588 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 19 input errors, 19 CRC, 16 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 8393 packets output, 9315674 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out
------------------ SH RUN -------------------------
! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname Borderline ! boot-start-marker boot-end-marker ! enable secret fffffffffffffffffffffffffff ! no aaa new-model ip subnet-zero ! ! ip cef no ip domain lookup ip domain name mine.com ! ip audit po max-events 100 ! username xxxxxxxxxxxxxxxxxxx ! ! interface Ethernet0/0 ip address xxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxx ip nat outside full-duplex ! interface Serial0/0 no ip address shutdown ! interface Ethernet0/1 ip address 192.168.46.142 255.255.255.248 ip access-group 2 in ip nat inside full-duplex ! interface BRI1/0 no ip address shutdown ! interface BRI1/1 no ip address shutdown ! interface BRI1/2 no ip address shutdown ! interface BRI1/3 no ip address shutdown ! ip nat translation max-entries 500 ip nat inside source list 112 interface Ethernet0/0 overload ip nat inside source static tcp 192.168.46.137 22 interface Ethernet0/0 30022 ip nat inside source static tcp 192.168.46.137 443 interface Ethernet0/0 443 ip nat inside source static 192.168.46.193 CCCCCCCCCCCCCCCCC ip nat inside source static 192.168.46.137 XXXXXXXXXXXXXXXXX no ip http server no ip http secure-server ip classless ip route 0.0.0.0 0.0.0.0 ip route 10.14.212.0 255.255.255.0 192.168.46.137 ip route 192.168.46.192 255.255.255.240 192.168.46.137 ! ! ! ip access-list extended vty-access permit tcp 10.14.212.0 0.0.0.255 any eq 22 permit tcp 10.14.212.0 0.0.0.255 any eq telnet access-list 1 permit 10.18.139.0 0.0.0.255 access-list 1 deny 10.0.0.0 0.255.255.255 access-list 1 deny 172.0.0.0 0.31.255.255 access-list 1 deny 192.168.0.0 0.0.255.255 access-list 1 permit any access-list 1 deny any access-list 2 deny 192.168.46.205 access-list 2 permit 192.168.46.136 0.0.0.7 access-list 2 permit 192.168.46.192 0.0.0.15 access-list 2 permit 10.14.212.0 0.0.0.255 access-list 2 deny any access-list 100 permit udp host 192.168.46.137 eq isakmp host XXXXXXXXXXXXXXXXXXXXXXx eq isakmp access-list 100 permit udp host 192.168.46.137 eq non500-isakmp host XXXXXXXXXXXXXXXXXXXX eq non500-isakmp access-list 100 permit esp host 192.168.46.137 host XXXXXXXXXXXXXXXXXXXXXXX access-list 100 deny ip any any access-list 111 permit udp host 192.168.46.137 eq isakmp host XXXXXXXXXXXXXXXXXX eq isakmp access-list 111 permit udp host 192.168.46.137 eq non500-isakmp host XXXXXXXXXXXXXXX eq non500-isakmp access-list 111 permit esp host 192.168.46.137 host XXXXXXXXXXXXXXXXXX access-list 112 permit ip 10.14.212.0 0.0.0.255 any access-list 112 permit ip 192.168.46.136 0.0.0.7 any access-list 112 permit ip 192.168.46.192 0.0.0.15 any no cdp run ! route-map NAT-VPN permit 10 match ip address 111 match interface Ethernet0/0 ! line con 0 line aux 0 line vty 0 4 access-class vty-access in login local ! ! end
-------------------- SH CEF ---------------------------------------
Ethernet0/0 is up (if_number 4) Corresponding hwidb fast_if_number 4 Corresponding hwidb firstsw->if_number 4 Internet address is XXXXXXXXXXXXXXXXXXXxxx(24 ICMP redirects are always sent Per packet load-sharing is disabled IP unicast RPF check is disabled Inbound access list is not set Outbound access list is not set IP policy routing is disabled BGP based policy accounting is disabled Hardware idb is Ethernet0/0 Fast switching type 1, interface type 61 IP CEF switching enabled IP CEF Feature Fast switching turbo vector Input fast flags 0x40, Output fast flags 0x100 ifindex 2(2) Slot 0 Slot unit 0 Unit 0 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500
Ethernet0/1 is up (if_number 5) Corresponding hwidb fast_if_number 5 Corresponding hwidb firstsw->if_number 5 Internet address is 192.168.46.142/29 ICMP redirects are always sent Per packet load-sharing is disabled IP unicast RPF check is disabled Inbound access list is 2 Outbound access list is not set IP policy routing is disabled BGP based policy accounting is disabled Hardware idb is Ethernet0/1 Fast switching type 1, interface type 61 IP CEF switching enabled IP CEF Feature Fast switching turbo vector Input fast flags 0x41, Output fast flags 0x100 ifindex 4(4) Slot 0 Slot unit 1 Unit 1 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500
Router#sh cef not-cef-switched CEF Packets passed on to next switching layer Slot No_adj No_encap Unsupp'ted Redirect Receive Options Access Frag RP 5 0 0 0 97397 0 0 0
---------------------------------------------------------------------------------------
That's problem it's weaking my mind, please...help me. And sorry for the very long post
Alex.