RE: [nsp] Questions:

From: Todd, Douglas M. (DTODD@PARTNERS.ORG)
Date: Thu Jun 13 2002 - 17:12:01 EDT


 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jenonimo:

There are lots of docs on CCO about buffers and tuning them.
Stephens comment of leaving them alone is good advise and most people
tend to leave the buffer statements alone. HOWEVER, before you decide
to make any changes to your system be advised that ill things can
happen when changing the buffers statements. Be VERY CAREFUL and if
in doubt, make VERY small changes over a long period of time, AND
watch your system carefully.

Give that we have done many such changes we have found the following
ideas and information to be helpful.

large amount of buffer hits (especially middle which runs about 600
bytes. We have found that viruses tend to cause high buffer
hits/misses on our network. These tend to make all buffers go wild
w/peaks being constant times (see 4w1d). You might see this change
per minute or p/day..etc.:

Small buffers, 104 bytes (total 2500, permanent 2500, peak 3814 @
4w1d):
     2494 in free list (750 min, 3000 max allowed)
     1880468625 hits, 47561 misses, 76874 trims, 76874 created
     641 failures (0 no memory)

Run a sniffer to find what might be causing the problem. Take a look
at the traffic going to/from your router. This might give you some
idea as to whom or what the cause.

If you think that your traffic load is high during different times ip
accounting and your ip cache table w/interface stats will help you
gain some insight to what your volume and traffic patterns are like.
This with some sniffer traces will give you a good view of what is
happening to your network.

If you want to tune your router make sure that you have plenty of
memory. Since each buffer that you make or allocate will take (in
middle) 600 bytes of memory. If you make them permanent this
allocation will be constant and not fluctuate and you will not get
many creates/trims.
When changing the buffers the value that you use is the value
configured, NOT added.
SO:
buffers small permanent 2500
buffers small max-free 3000
buffers small min-free 750
sets the values to these settings OVERRIDING the original settings
and NOT adding.

Make small changes over a period of time with constant monitoring and
review. Keep tabs on the memory if you make large changes. Doing this
you will ease making a problem and if done incorrectly you will see
that your configuration is incorrect and quickly adjust.

Give this a read and it might help you with some of your questions.

http://www.cisco.com/warp/public/63/buffertuning.html

Good luck:

- ----SIGNATURE------
Douglas M. Todd, Jr.
CCNP
Network Engineering
Partners Health Care
Building 149
149 13 Street
Charlestown, MA 02129-200
Tel: 617.726.1403
Email: dtodd@partners.org
- --------------------------------------------------------------------
PGP Finger Print: 9429 CAE3 B2D1 C2E1 DFBC E7A6 E90A 9BE5 C7B6 47BC
Key
available:http://keyserver.pgp.com:80/pks/lookup?op=get&exact=off&sear
ch=dtodd%40partners.org
Verisign S/N: 3ff65cdf58b9dceda004baeed49e16cf
https://digitalid.verisign.com/services/client/index.html

>-----Original Message-----
>From: Stephen Sprunk [mailto:ssprunk@cisco.com]
>Sent: Thursday, June 13, 2002 3:02 PM
>To: Jeronimo Diez de Sollano Velazco Aceves; Cisco Nsp (E-mail)
>Subject: Re: [nsp] Questions:
>
>
>Thus spake "Jeronimo Diez de Sollano Velazco Aceves"
><jdiez@bestel.com.mx>
>> I have an ATM link between two routers connected bact to
>back with a PVC.
>> The link utilization is below 40 % but i get intermitent
>discards in the
>> show interface output. If i send a ping no packet seems to
>be lost, but i
>> still concerned about those drops. I´m trying to look if is
>because some
>> internal process of the ATM interfaces. This because if i change
>> the interfaces to Serials in the same cable and same routers i
>don´t get any
>> drops.
>
>Are these output or input drops? If they're input, you have
>buffer problems.
>If they're output, you're getting some periodic congestion and
>they're probably
>normal.
>
>> Other concern i have is about the buffers, i´m getting 85
>failures in middle
>> buffers, i tryed the cisco Output interpreter and it says a
>lot of thingas
>> about large buffers and things, but nothing about those 85
>failures that i
>> get in the show buffers output. My router has a lot of free
>memory and the
>> max buffers allowed is 1600 vs the 689 free of 750.
>
>85 failures out of how many hits? If it's less than 1%, you
>don't have a
>problem.
>
>> does anybody has a document about real buffer tunning. All that
>> i can get from the cisco page is a simple document that says that
>> to change the buffer settings you need to be an expert, but no
>> documentation to become an expert.
>
>If I were going to release such a document to the public, the
>first 99 pages
>would say "don't change anything", and there'd be one page
>describing how to
>tune. Spend your time learning something more useful.
>
>S

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0

iQA/AwUBPQkJCAgiZycqTvq3EQLtWQCgqQR8NiChlcaEliNWw53oSrVO5BkAn3Qx
x2+SpZBYpvhFznmmkbHqsarX
=izpK
-----END PGP SIGNATURE-----



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:11:59 EDT