[c-nsp] Problems with bandwidth on interface tunnel
Saso Pirnat
saso.pirnat at amis.net
Sat Mar 3 12:28:44 EST 2007
Does anybody knows what is bandwidth limitation of interface tunnel on
cisco 1841 routers, because I have tree different locations connected
together in vpn network with IPSec using interfaces tunnel, with 3 cisco
1841 routers. WAN connections are on 100Mb/s optic fiber, but I can´t get
more speed then 8Mb/s on vpn connections, even if I increase tunnel
bandwidth to 40Mbp/s - that max ipsec passthrough for this vpn modul.
default tunnel configuration:
interface Tunnel0
description VPN site1
ip address 192.168.78.2 255.255.255.252
no ip split-horizon
tunnel source FastEthernet0/0
tunnel destination xxx.xxx.xxx.xxx
tunnel mode ipip
crypto map do-centrale
end
Tunnel0 is up, line protocol is up
Hardware is Tunnel
Description: VPN site1
Internet address is 192.168.78.2/30
MTU 1514 bytes, BW 9 Kbit, DLY 500000 usec,
reliability 255/255, txload 112/255, rxload 81/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source xxx.xxx.xxx.xxx (FastEthernet0/0), destination
xxx.xxx.xxx.xxx
Tunnel protocol/transport IP/IP
Tunnel TTL 255
Fast tunneling enabled
Tunnel transmit bandwidth 8000 (kbps)
Tunnel receive bandwidth 8000 (kbps)
Last input 00:00:02, output 00:00:02, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 22466
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 46000 bits/sec, 30 packets/sec
5 minute output rate 44000 bits/sec, 19 packets/sec
898355732 packets input, 4135541064 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
742454820 packets output, 1498580302 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
increased bandwidth configuration:
interface Tunnel0
description VPN site1
bandwidth 40000
ip address 192.168.78.2 255.255.255.252
no ip split-horizon
tunnel source FastEthernet0/0
tunnel destination xxx.xxx.xxx.xxx
tunnel mode ipip
tunnel bandwidth transmit 40000
tunnel bandwidth receive 40000
crypto map do-centrale
end
Tunnel0 is up, line protocol is up
Hardware is Tunnel
Description: VPN site1
Internet address is 192.168.78.2/30
MTU 1514 bytes, BW 40000 Kbit, DLY 500000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source xxx.xxx.xxx.xxx (FastEthernet0/0), destination
xxx.xxx.xxx.xxx
Tunnel protocol/transport IP/IP
Tunnel TTL 255
Fast tunneling enabled
Tunnel transmit bandwidth 40000 (kbps)
Tunnel receive bandwidth 40000 (kbps)
Last input 00:00:00, output 00:00:01, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 22463
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 21000 bits/sec, 17 packets/sec
5 minute output rate 41000 bits/sec, 14 packets/sec
898343729 packets input, 4132936756 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
742446090 packets output, 1496397797 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
br, saso
More information about the cisco-nsp
mailing list