[c-nsp] TCP Throughput / MTU problem ? with Cisco 7304 andMPLS VPN's
Eric Kagan
eklists at axsne.com
Fri Jan 11 10:48:36 EST 2008
> What is the regular interface MTU? (E.g. "show interface
> Gi0".) I cannot
> determine from your interface definitions if you have adjusted this.
They are all MTU=1500 on all physical FE and GE interfaces
> According to the doc you mentioned, the "mpls mtu" command
> only shows up
> in your configuration if it's different from the interface
> MTU. Have you
> tried "mtu 1520" and "mpls mtu 1520" as stated in the
> document? OTOH it
> should have complained if you configured an MPLS MTU larger that the
> interface MTU.
I have never changed a router interface MTU on the 7206's, only the
switches. Routers always MPLS MTU xxxx. That's where I wonder why now ?
I replied with some of this in the previous response, but the 7206 has
physical interface MTU = 1500, MPLS MTU 1546 and works fine on over 20
routers. Its just the one 7304 that is having an issue. Currently, I have
not changed physical interface MTU on 7304, its 1500. I have tried MPLS MTU
1546 (and yes I got the error msg setting MTU above physical can cause
problems....)
Jan 8 22:04:47 est: %MFI-3-MPLS_MTU_SET: Setting mpls mtu to 1520 on
GigabitEthernet1 which is higher than the interface mtu 1500. This could
lead to packet forwarding problems including packet drops.
7304:
> interface GigabitEthernet1
> mpls mtu 1520
> mpls label protocol ldp
> mpls ip
GigabitEthernet1 is up, line protocol is up
Hardware is BCM1250 Internal MAC, address is 001c.5881.7001 (bia
001c.5881.7001)
MTU 1500 bytes, BW 1000000 Kbit, DLY 100000 usec,
reliability 255/255, txload 1/255, rxload 1/255
7206: (Working fine along this path)
interface GigabitEthernet0/2
mpls label protocol ldp
tag-switching mtu 1546
tag-switching ip
!
ma.wstr2.core1#show int g0/2
GigabitEthernet0/2 is up, line protocol is up
Hardware is BCM1250 Internal MAC, address is 0018.1819.851a (bia
0018.1819.851a)
MTU 1500 bytes, BW 50 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Full-duplex, 1000Mb/s, link type is autonegotiation, media type is SX
>
>
> Can you see at what packet size the router stops forwarding traffic?
> With different size pings from the access-side for example.
I have not seen any problems with ICMP. I can ping between the 2 P routers
connected on the fiber up to 2000 bytes without a problem:
#ping
Sending 5, 1480-byte ICMP Echos to 66.203.65.25, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Sending 5, 1500-byte ICMP Echos to 66.203.65.25, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Sending 5, 1520-byte ICMP Echos to 66.203.65.25, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Sending 5, 1546-byte ICMP Echos to 66.203.65.25, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Sending 5, 2000-byte ICMP Echos to 66.203.65.25, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
>
> Regards,
> Peter
>
>
> On Fri, 2008-01-11 at 09:51 -0500, Eric Kagan wrote:
> > I am running in to a strange problem and hopfeully someone
> here can help. I
> > did open a Cisco TAC case but I don't think they understand
> the issue or
> > maybe I didn't explain it well.
> >
> > We have MPLS enabled through the core of our network for
> customer MPLS
> > VPN's. Until now, all devices have been 7206VXR's w/
> NPE-G1's and we are
> > only using the 3 internal Gig ports on the Processor. I
> upgraded one of the
> > VXR's to a 7304 and configured it the same as the 7206.
> The router itself
> > is working fine, BGP is working, regular IP traffic /
> throughout is fine
> > (iperf tests have no issues). I have confirmed interface
> MTU's, switch
> > MTU's and everything is configured the same as before.
> When VPN traffic
> > goes through this link, I get reports of TCP requests
> starting and then
> > stopping (i.e. SSH makes connection but can't pass data, or
> do an 'ls', etc
> > or HTTP Get seems to connect but doesn't pass data back).
> It all sounds
> > very similar to MTU issues I experienced and read about on
> MPLS interfaces.
> > If I reroute the traffic around the ring away from the 7304
> everything works
> > fine again - and the problem connections are resolved in seconds. I
> > originally had the MTU set to 1546 on the 7304 (I used to
> use 1524 but some
> > of the L2 VPN's needed more so I bumped them up). I came across the
> > document MPLS MTU Command Changes
> >
> (http://www.cisco.com/en/US/products/ps6566/products_feature_g
> uide09186a0080
> > 629db0.html) which I found interesting so I set the MPLS
> MTU to 1520 with no
> > avail. Below is show ver and config clips along with a few
> show commands.
> > I am hoping someone has seen this and knows how to resolve.
> >
> > Thanks
> > Eric
> >
> >
> >
> >
> >
> > Cisco IOS Software, 7300 Software (C7300-K91P-M), Version
> 12.2(31)SB6,
> > RELEASE SOFTWARE (fc1)
> > System image file is "disk0:c7300-k91p-mz.122-31.SB6.bin"
> > cisco 7300 (NPEG100) processor (revision B) with
> 983040K/65536K bytes of
> > memory.
> >
> >
> > mpls label protocol ldp
> > !
> > interface Loopback0
> > ip address 10.11.12.214 255.255.255.255
> > !
> > interface GigabitEthernet0
> > desc Backbone Switch
> > ip address 10.11.13..1 255.255.255.224
> > ip flow ingress
> > load-interval 30
> > media-type rj45
> > speed auto
> > duplex auto
> > negotiation auto
> > mpls mtu 1520
> > mpls label protocol ldp
> > mpls ip
> > !
> > interface GigabitEthernet1
> > description Fiber to POP1
> > ip address 10.11.14.26 255.255.255.252
> > ip flow ingress
> > load-interval 30
> > delay 10000
> > media-type gbic
> > speed auto
> > duplex auto
> > negotiation auto
> > mpls mtu 1520
> > mpls label protocol ldp
> > mpls ip
> > !
> > interface GigabitEthernet2
> > description Backbone Failover
> > bandwidth 50
> > ip address 10.11.14.253 255.255.255.248
> > ip flow ingress
> > load-interval 30
> > media-type rj45
> > speed auto
> > duplex auto
> > negotiation auto
> > mpls mtu 1520
> > mpls label protocol ldp
> > mpls ip
> > !
> > router bgp xxxxx
> > no synchronization
> > bgp log-neighbor-changes
> > neighbor RR_SERVER peer-group
> > neighbor RR_SERVER remote-as xxxxx
> > neighbor RR_SERVER update-source Loopback0
> > neighbor RR_SERVER next-hop-self
> > neighbor RR_SERVER send-community both
> > neighbor 10.11.12.201 peer-group RR_SERVER
> > neighbor 10.11.12.201 description pecore-mma
> > neighbor 10.11.12.203 peer-group RR_SERVER
> > neighbor 10.11.12.203 description pecore-wma
> > no auto-summary
> > !
> >
> > #show mpls int
> > Interface IP Tunnel BGP Static Operational
> > GigabitEthernet0 Yes (ldp) No No No Yes
> > GigabitEthernet1 Yes (ldp) No No No Yes
> > GigabitEthernet2 Yes (ldp) No No No Yes
> >
> >
> >
> >
> > #show mpls ldp disc
> > Local LDP Identifier:
> > 10.11.12.214:0
> > Discovery Sources:
> > Interfaces:
> > GigabitEthernet0 (ldp): xmit/recv
> > LDP Id: 10.11.12.216:0
> > LDP Id: 10.11.12.215:0
> > LDP Id: 10.11.12.217:0
> > GigabitEthernet1 (ldp): xmit/recv
> > LDP Id: 10.11.12.203:0
> > GigabitEthernet2 (ldp): xmit/recv
> > LDP Id: 10.11.12.215:0
> > LDP Id: 10.11.12.217:0
> > LDP Id: 10.11.12.216:0
> >
> >
> > Also, show mpls ldp binding and show mpls ldp nei show all
> the proper info.
> > I sent an update back to Cisco on the TAC case but think
> someone here may
> > understand and help quicker. Any help or insight would be
> appreciated.
> >
> > Thanks
> > Eric
> >
> >
> >
> >
> > Eric Kagan
> >
> >
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
More information about the cisco-nsp
mailing list