[c-nsp] TCP Throughput / MTU problem ? with Cisco 7304 and MPLS VPN's

Peter Rathlev peter at rathlev.dk
Fri Jan 11 10:28:26 EST 2008 

Hi Eric,

What is the regular interface MTU? (E.g. "show interface Gi0".) I cannot
determine from your interface definitions if you have adjusted this.
According to the doc you mentioned, the "mpls mtu" command only shows up
in your configuration if it's different from the interface MTU. Have you
tried "mtu 1520" and "mpls mtu 1520" as stated in the document? OTOH it
should have complained if you configured an MPLS MTU larger that the
interface MTU.

Can you see at what packet size the router stops forwarding traffic?
With different size pings from the access-side for example.

Regards,
Peter


On Fri, 2008-01-11 at 09:51 -0500, Eric Kagan wrote:
> I am running in to a strange problem and hopfeully someone here can help.  I
> did open a Cisco TAC case but I don't think they understand the issue or
> maybe I didn't explain it well.
>  
> We have MPLS enabled through the core of our network for customer MPLS
> VPN's.   Until now, all devices have been 7206VXR's w/ NPE-G1's and we are
> only using the 3 internal Gig ports on the Processor.  I upgraded one of the
> VXR's to a 7304 and configured it the same as the 7206.  The router itself
> is working fine, BGP is working, regular IP traffic / throughout is fine
> (iperf tests have no issues).  I have confirmed interface MTU's, switch
> MTU's and everything is configured the same as before.  When VPN traffic
> goes through this link, I get reports of TCP requests starting and then
> stopping (i.e. SSH makes connection but can't pass data, or do an 'ls', etc
> or HTTP Get seems to connect but doesn't pass data back).  It all sounds
> very similar to MTU issues I experienced and read about on MPLS interfaces.
> If I reroute the traffic around the ring away from the 7304 everything works
> fine again - and the problem connections are resolved in seconds.  I
> originally had the MTU set to 1546 on the 7304 (I used to use 1524 but some
> of the L2 VPN's needed more so I bumped them up).  I came across the
> document MPLS MTU Command Changes
> (http://www.cisco.com/en/US/products/ps6566/products_feature_guide09186a0080
> 629db0.html) which I found interesting so I set the MPLS MTU to 1520 with no
> avail.  Below is show ver and config clips along with a few show commands.
> I am hoping someone has seen this and knows how to resolve.
> 
> Thanks
> Eric
>  
> 
> 
> 
> 
> Cisco IOS Software, 7300 Software (C7300-K91P-M), Version 12.2(31)SB6,
> RELEASE SOFTWARE (fc1)
> System image file is "disk0:c7300-k91p-mz.122-31.SB6.bin"
> cisco 7300 (NPEG100) processor (revision B) with 983040K/65536K bytes of
> memory.
> 
>  
> mpls label protocol ldp
> !
> interface Loopback0
>  ip address 10.11.12.214 255.255.255.255
> !
> interface GigabitEthernet0
>  desc Backbone Switch
>  ip address 10.11.13..1 255.255.255.224
>  ip flow ingress
>  load-interval 30
>  media-type rj45
>  speed auto
>  duplex auto
>  negotiation auto
>  mpls mtu 1520
>  mpls label protocol ldp
>  mpls ip
> !
> interface GigabitEthernet1
>  description Fiber to POP1
>  ip address 10.11.14.26 255.255.255.252
>  ip flow ingress
>  load-interval 30
>  delay 10000
>  media-type gbic
>  speed auto
>  duplex auto
>  negotiation auto
>  mpls mtu 1520
>  mpls label protocol ldp
>  mpls ip
> !
> interface GigabitEthernet2
>  description Backbone Failover
>  bandwidth 50
>  ip address 10.11.14.253 255.255.255.248
>  ip flow ingress
>  load-interval 30
>  media-type rj45
>  speed auto
>  duplex auto
>  negotiation auto
>  mpls mtu 1520
>  mpls label protocol ldp
>  mpls ip
> !
> router bgp xxxxx
>  no synchronization
>  bgp log-neighbor-changes
>  neighbor RR_SERVER peer-group
>  neighbor RR_SERVER remote-as xxxxx
>  neighbor RR_SERVER update-source Loopback0
>  neighbor RR_SERVER next-hop-self
>  neighbor RR_SERVER send-community both
>  neighbor 10.11.12.201 peer-group RR_SERVER
>  neighbor 10.11.12.201 description pecore-mma
>  neighbor 10.11.12.203 peer-group RR_SERVER
>  neighbor 10.11.12.203 description pecore-wma
>  no auto-summary
>  !
>  
> #show mpls int
> Interface              IP            Tunnel   BGP Static Operational
> GigabitEthernet0       Yes (ldp)     No       No  No     Yes
> GigabitEthernet1       Yes (ldp)     No       No  No     Yes
> GigabitEthernet2       Yes (ldp)     No       No  No     Yes
> 
>  
> 
> 
> #show mpls ldp disc
>  Local LDP Identifier:
>    10.11.12.214:0
>     Discovery Sources:
>     Interfaces:
>         GigabitEthernet0 (ldp): xmit/recv
>             LDP Id: 10.11.12.216:0
>             LDP Id: 10.11.12.215:0
>             LDP Id: 10.11.12.217:0
>         GigabitEthernet1 (ldp): xmit/recv
>             LDP Id: 10.11.12.203:0
>         GigabitEthernet2 (ldp): xmit/recv
>             LDP Id: 10.11.12.215:0
>             LDP Id: 10.11.12.217:0
>             LDP Id: 10.11.12.216:0
> 
>  
> Also, show mpls ldp binding and show mpls ldp nei show all the proper info.
> I sent an update back to Cisco on the TAC case but think someone here may
> understand and help quicker. Any help or insight would be appreciated.
>  
> Thanks
> Eric
>  
> 
> 
> 
> Eric Kagan
> 
>  
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list