DMVPN issue on a cisco 3845

Similar Messages

• High CPU Usage on Cisco 3845

  Hi all,
  I'm having high CPU usage with one of my Cisco 3845.
  It works as an IP-IP Gateway and the CPU is quite high when the total number of calls only around 100-200 calls.
  I check the CPU usage with "show process cpu sort" and it looks like there are some "hidden" processes that consuming CPU.
  For example, 41% is total CPU, 25% is due to interrups, so CPU utilization on process level = 41 - 25 = 16%.
  But as showed below, processes don't consume that much CPU, only around 7% ???
  Please help to advise on this case. Any help is highly appreciated..
  Thank you.
  3845-GW#show process cpu sort | ex 0.00%  0.00%  0.00%
  CPU utilization for five seconds: 41%/25%; one minute: 46%; five minutes: 47%
   PID Runtime(ms)     Invoked      uSecs     5Sec   1Min   5Min TTY Process
   382     6619708     1473171       4493      1.59%  1.81%  1.92%   0 CCSIP_SPI_CONTRO
   141     4228940    10181955        415      1.35%  1.51%  1.57%   0 IP Input
    65     2450824      163102      15026        1.19%  1.16%  1.17%   0 Per-Second Jobs
   370     2702292     3709512        728        0.87%  0.88%  0.88%   0 VOIP_RTCP
   224      321680      245640       1309          0.47%  0.49%  0.50%   0 AFW_application_
   112       93940    18093506          5             0.39%  0.31%  0.32%   0 Ethernet Msec Ti
   384     1058280     1553567        681         0.23%  0.28%  0.30%   0 CCSIP_UDP_SOCKET
     2       18148       32905        551                 0.07%  0.03%  0.02%   0 Load Meter
   137       35644     4657843          7               0.07%  0.04%  0.05%   0 IPAM Manager
   189      206392      267959        770            0.07%  0.05%  0.07%   0 TCP Protocols
    30       30792      198554        155               0.07%  0.01%  0.00%   0 ARP Input
   368      145456      176151        825             0.07%  0.04%  0.05%   0 CC-API_VCM
    28        9628       32759        293  0.00%  0.01%  0.00%   0 Environmental mo
    48      221352       37922       5837  0.00%  0.11%  0.11%   0 Net Background
    63       16728       32924        508  0.00%  0.01%  0.00%   0 Compute load avg
    64       72080        2781      25918  0.00%  0.01%  0.00%   0 Per-minute Jobs
     6      371644       29792      12474  0.00%  0.14%  0.12%   0 Check heaps
   176       12216      240288         50  0.00%  0.01%  0.00%   0 CEF: IPv4 proces
   284       36416     4929826          7  0.00%  0.02%  0.01%   0 MMON MENG
   307       12168      806151         15  0.00%  0.01%  0.00%   0 Atheros LED Ctro
   335       35300       19755       1786  0.00%  3.16%  1.00% 708 Virtual Exec
  3845-GW#sh int g0/0
  GigabitEthernet0/0 is up, line protocol is up
    MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
       reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation ARPA, loopback not set
    Keepalive set (10 sec)
    Full Duplex, 1Gbps, media type is RJ45
    output flow-control is XON, input flow-control is XON
    ARP type: ARPA, ARP Timeout 04:00:00
    Last input 00:00:00, output 00:00:00, output hang never
    Last clearing of "show interface" counters never
    Input queue: 0/75/2/56803 (size/max/drops/flushes); Total output drops: 0
    Queueing strategy: fifo
    Output queue: 0/40 (size/max)
    5 minute input rate 1551000 bits/sec, 5751 packets/sec
    5 minute output rate 4207000 bits/sec, 7643 packets/sec
       925128804 packets input, 939078510 bytes, 0 no buffer
       Received 62732 broadcasts (0 IP multicasts)
       0 runts, 0 giants, 2 throttles
       2 input errors, 0 CRC, 0 frame, 2 overrun, 0 ignored
       0 watchdog, 3763438515 multicast, 0 pause input
       1472816545 packets output, 3214770103 bytes, 0 underruns
       0 output errors, 2067720191 collisions, 1 interface resets
       0 unknown protocol drops
       0 babbles, 2281155551 late collision, 0 deferred
       2 lost carrier, 0 no carrier, 0 pause output
       0 output buffer failures, 0 output buffers swapped out
  3845-GW#sh int g0/1
  GigabitEthernet0/1 is up, line protocol is up
    MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
       reliability 255/255, txload 1/255, rxload 1/255
    Encapsulation ARPA, loopback not set
    Keepalive set (10 sec)
    Full Duplex, 1Gbps, media type is RJ45
    output flow-control is XON, input flow-control is XON
    ARP type: ARPA, ARP Timeout 04:00:00
    Last input 00:00:00, output 00:00:00, output hang never
    Last clearing of "show interface" counters never
    Input queue: 0/75/0/30335 (size/max/drops/flushes); Total output drops: 0
    Queueing strategy: fifo
    Output queue: 0/40 (size/max)
    5 minute input rate 1684000 bits/sec, 7697 packets/sec
    5 minute output rate 3372000 bits/sec, 5632 packets/sec
       1484558664 packets input, 2383177786 bytes, 0 no buffer
       Received 208998 broadcasts (0 IP multicasts)
       0 runts, 0 giants, 0 throttles
       2 input errors, 0 CRC, 0 frame, 2 overrun, 0 ignored
       0 watchdog, 3060386282 multicast, 0 pause input
       903478941 packets output, 2814588854 bytes, 0 underruns
       0 output errors, 2910776303 collisions, 1 interface resets
       0 unknown protocol drops
       0 babbles, 4157448025 late collision, 0 deferred
       2 lost carrier, 0 no carrier, 0 pause output
       0 output buffer failures, 0 output buffers swapped out

  Has this been something that just recently started happening, or have you had this issue for a while?  Have you installed any new programs recently?
  You may want to download Glary Utilities, which is a free software(they will ask you if you want to go Pro, just say no, the free version works very well).  There is a module for startup manager.  You can go in and disable stuff that starts with the computer.  I would advise unchecking adobe, java, quicktime, printers, etc.  Anything that doesn't REALLY need to start with the computer.  The nice thing with Glary is that you can restart the computer, and if you find that you need one of the programs to start with windows, you can go back in and enable it again.
  The Celeron 925 processor in your computer is a decent entry level processor, but if there are too many programs running in the background, it can bog down quick.  I would also recommend downloading and running Malwarebytes Anti-malware, to be sure that there is nothing malicous running in the background. 
  Qosmio X875 i7-3630QM, 32GB RAM, OCZ SSD Qosmio X505 i7-920XM, PM55, 16GB RAM, OCZ SSD
  Satellite Pro L350 T9900, GM45, 8GB RAM , Intel 320 SSD (my baby) Satellite L655 i7-620M, HM55, 8GB RAM, Intel 710 SSD (travel system)

• Cisco 3845 - Enable bluetooth but cucm administration not loading

  Hello Guys,
  I am trying to enable Jabra bluetooth on Cisco 3845 for a 7962g phone and I am trying to access cucm page and I am unable to do it. I need some help from you guys. Page gives Http error 404, Apache Tomcat. Not sure where to start troubleshooting.
  We have Cisco 3845 and Cisco Unity Express 8.6.1 installed.

  Hi p.bevilacqua
  Thank you for this info  I actually tried all those options aswell but still no luck.. could it be a IOS or DSP  issue ?
  in The meantime I have forwarded this link on to the 3rd partyCisco (Call manager) provider aswell.

• Problem with L2TP with Cisco 3845

  Dear all
  I have the following scenario for my dailup network.
  MaxTNT(LAC) ---Ethernet--- Cisco3845 (LNS)
  I have configuered MaxTNT Dailup server to act as LAC and launch a L2TP Tunnel after authenticating with Radius Server. Cisco 3845 acting as LNS estblishes L2TP tunnel with LAC and Dailup Users get connected on it as VPDNpppOE users.
  However problem i am facing is that i don't receieve any authentication request on Cisco LNS. As soon as user gets connect it sents Accouting Request only.
  I need authorization request in order to Push various different AVP from radius. But its not happening.
  Anyone have any idea what could be wrong here?? is thre any specific parameter i need to set up Cisoc.. or on MaxTNT????
  Waiting for reply

  To enable the Layer 2 Tunnel Protocol (L2TP) tunnel server or network access server (NAS) to perform remote authentication, authorization, and accounting (AAA) tunnel authentication and authorization, use the vpdn tunnel authorization network command in global configuration mode. To disable remote tunnel authentication and authorization and return to the default of local tunnel authentication and authorization, use the no form of this command.
  vpdn tunnel authorization network {list-name | default}
  no vpdn tunnel authorization network {list-name | default}

• ACL processing in Cisco 3845

  Hi,
  I would like to know that ACL processing in Cisco 3845 is hardware based or software based?
  May I have a list of hardware that support dedicated ASIC for ACL processing?
  Thanks and Regards,
  Ahmed Shahzad.    

  Hi,
  I would like to know that ACL processing in Cisco 3845 is hardware based or software based?
  May I have a list of hardware that support dedicated ASIC for ACL processing?
  Thanks and Regards,
  Ahmed Shahzad.    
  Ahmed,
  ACL processing is primarily accomplished in hardware, but requires forwarding of some traffic flows to the CPU for software processing. The forwarding rate for software-forwarded traffic is substantially less than for hardware-forwarded traffic. When traffic flows are both logged and forwarded, forwarding is done by hardware, but logging must be done by software. Because of the difference in packet handling capacity between hardware and software, if the sum of all flows being logged (both permitted flows and denied flows) is of great enough bandwidth, not all of the packets that are forwarded can be logged.
  These factors can cause packets to be sent to the CPU:
  •Using the log keyword
  •Enabling ICMP unreachables
  •Hardware reaching its capacity to store ACL configurations
  If ACLs cause large numbers of packets to be sent to the CPU, the switch performance can be negatively affected.
  Hope to Help !!
  Ganesh.H
  Remember to rate the helpful post

• Document on Cisco 3845 gateway with both Voice and VXML role

  Dear all,
  we are using single cisco 3845 gateway as Ingress as well as vxml gateway . Can you provide any documentation regarding the call volume capacity this gateway can handle. We have deployed this gateway in a UCCE parent- child  model.

  Anoop,
  It can be found in Table 7-2 on page 148 of CVP SRND Guide
  HTH
  GP.
  Pls rate helpful posts by clicking on the stars under the post !!

• SIP over UDP routing in Cisco 3845

  dear friends,           
  How can we configure the SIP over UDP protocol by Cisco 3845 router?
  For more details please fine the attachment.

  Yes I tried but that is not helpful for me
  How can I contact those people (engage a reputable consultant, or Cisco partner)?
  Also I tried this commands in below.
  voice class codec 1
  codec preference 1 g711alaw
  dial-peer voice 3250 voip
  destination-pattern 3250
  session protocol sipv2
  session target ipv4:10.156.67.6
  session transport udp
  codec g711ulaw
  sip-ua
  retry invite 2
  retry response 2
  retry bye 2
  retry cancel 2
  no inband-alerting
  sip-server ipv4:10.156.67.6
  ip classless
  ip route 0.0.0.0 0.0.0.0 10.157.67.1
  ip route 10.157.67.0 255.255.255.0 10.167.67.225 
  access-list 101 permit ip host 10.156.67.1 host 10.156.67.100
  access-list 101 deny   udp any eq rip any
  access-list 101 deny   udp any any eq rip
  access-list 101 deny   udp any eq isakmp any
  access-list 101 deny   udp any any eq isakmp
  access-list 101 permit ip any any
  snmp-server engineID local 000000090200003094202740
  snmp-server community public RW

• Cisco 3845 didn't detect HWIC-1FE and SFP GLC-LHSM

  Cisco 3845 not detect HWIC-1FE and
  SFP GLC-LHSM.
  What is latest IOS which will detect WIC HWIC-1FE , SFP GLC-LH-SM.

  Hi,
  You need a minimum of 12.4(15)T for HWIC-1FE Support on 3845 routers.
  Please refer the below URL for details:
  http://www.cisco.com/en/US/prod/collateral/routers/ps5854/product_data_sheet0900aecd80581fe6_ps5853_Products_Data_Sheet.html
  For the HWIC-1FE and HWIC-2FE the minimum level is Cisco IOS 12.4(15)T.
  Regards,
  Arul
  *Pls rate if it helps*

• Does Cisco 3845 with NM-16A/S support OIR feature or Hot swap for this NM.

  Dear Sir
  My customer would like to implement Cisco 3845 with NM-16A/S x 4. I found that Cisco 3845 support OIR function but I am not sure OIR function that Cisco 3845 support, it support with which NM models. Can anyone tell me that NM-16A/S on Cisco 3845 support OIR function on this NM or not.
  Thank you very much
  Wisit

  Hi,
  From what I have read from the following document.
  http://www.cisco.com/en/US/products/ps5855/products_installation_guide_chapter09186a00802ccf1d.html
  Network Modules
  Network modules install directly into slots in the rear of the router. The Cisco 3845 router supports online insertion and removal (OIR, or hot swap) of network modules. The Cisco 3825 router does not support OIR.
  Caution The Cisco 3845 router supports OIR with similar modules only. If you remove a network module, along with any installed WAN or voice interface cards, install another module and card combination exactly like it.
  Interface Cards
  Cisco 3800 series routers do not support OIR (hot swap) of interface cards inserted directly into router slots. You must turn off the router before installing or removing an interface card.
  The Cisco 3825 router and the Cisco 3845 router each provide four interface card slots, labeled on the rear panel by HWIC and a number. Each slot can be occupied by one single-wide WIC, VIC, VWIC, or HWIC.
  Hope this helps
  Sarb

• Configure Trunk carrying same Vlans on two separate uplinks on Cisco 3845

  Hi,
  I need to carry 2 vlans(x & y) in a trunk to two separate redundant devices uplinked to Cisco 3845 on Fa1/0 and Fa1/1. I know I can create sub-interfaces on one of the uplink interfaces(i-e Fa1/0) with 2 distinct 802.1q vlans(Fa1/0.x & Fa1/0.y). But is there a way I can carry same vlans(x & y) trunked to my 2nd redundant device uplinked on 3845 from Fa2/0 ? If not then how should I get the 2nd redundant device uplinked to this 3845 router.
  Any tips.. ?
  Thanks for your help and suggestions.

  IF both links are going to the same device then you can create a Layer 3 Etherchannel. 

• Configuring QoS on Cisco 3845 router for Polycom Video Conferecing

  Dear All,
  We have implemented a Polycom Video Conferecing solution at our Head Office. Using this we communicate with other branch offices through WAN (2mbps, MPLS).
  The problem is that this WAN link is also used for data. When the traffic is high on the link, the voice and the video quality goes down drastically and we experience connection drops.
  At the moment we have configured our Polycom box to communicate at 512kbps speed and we would like to reserve it in our WAN link. In case, video conferencing is not happening we would like it to be utilised by other traffic.
  Can we configure QoS on our Cisco 3845 router to do this? I'm not a Cisco expert and have pressures from Management to correct this before the next conference.
  I have already googled a fair bit but couldn't find something for me.
  Could someone please tell me the exact commands that need to be given on our router to achieve this.
  I'll be very thankful for this help.
  Best Regards.

  Hi,
  You can use something like the following to guarantee 5122k of bandwidth to your video-conferencing bandwidth but to allow that bandwidth to be used by other traffic when it is not being used for video-conferencing:
  class-map VDOConf
  match ip dscp af41
  policy-map WANPolicy
  class VDOConf
  bandwidth 512
  interface
  service-policy output WANPolicy
  Note that the above assumes that your video conferencing traffic is being marked to AF41. If that is not the case, you can always match on the IP address of your polycom device using an ACL:
  class-map VDOConf
  match access-group 101
  access-list 101 permit ip .....
  Hope that helps - pls rate the post if it does.
  Paresh

• Will on-board Gigabit Ethernet ports on a Cisco 3845 support a 100 Mb SFP?

  Hi,
  This is a very specific question - hopefully someone has tested this or run into this scenario...
  I was trying to connect a Cisco 3845 router to a 100 Mbps circuit. Specifically, I was trying to connect this circuit to the on-board Gigabit Ethernet port (Gig 0/0). This is the port that can be used as either an RJ45 or SFP slot. The only SFP I had was a multi-mode 100 Mbps SFP. When I hooked it up to Gi0/0, I got a message saying the SFP type wasn't supported on the chassis.
  I was able to deploy the 3845 and since then I haven't had the correct hardware to recreate the exact scenario. Has anyone experienced this? Is it simply because Gigabit interface on a 3845 won't support a Fast Ethernet (100 Mbps) SFP?
  Thanks.

  Not all SFP's will just plug in and work. Here are the SFP's that are considered compatible with the 3800 series ISR's.
  GLC-LH-SM= Gigabit Ethernet SFP, LC connector, LX/LH transceiver
  GLC-SX-MM= Gigabit Ethernet SFP, LC connector, SX transceiver
  GLC-ZX-SM= 1000BASE-ZX SFP
  CWDM-SFP-1470= Coarse wavelength-division multiplexing (CWDM) 1470-nm SFP Gigabit Ethernet and 1G/2G Fibre Channel (FC)
  CWDM-SFP-1490= CWDM 1490-nm SFP Gigabit Ethernet and 1G/2G FC
  CWDM-SFP-1510= CWDM 1510-nm SFP Gigabit Ethernet and 1G/2G FC
  CWDM-SFP-1530= CWDM 1530-nm SFP Gigabit Ethernet and 1G/2G FC
  CWDM-SFP-1550= CWDM 1550-nm SFP Gigabit Ethernet and 1G/2G FC
  CWDM-SFP-1570= CWDM 1570-nm SFP Gigabit Ethernet and 1G/2G FC
  CWDM-SFP-1590= CWDM 1590-nm SFP Gigabit Ethernet and 1G/2G FC
  CWDM-SFP-1610= CWDM 1610-nm SFP Gigabit Ethernet and 1G/2G FC
  http://www2.bt.com/static/i/media/pdf/cisco_3800_routers_faq.pdf

• CISCO 3845 - WIC-1B-S/T NOT RECOGNIZED

  Dear Sir,
  We have Cisco 3845 Router.I inserted the WIC-1B-S/T - 1 port isdn bri card to the HWIC Slot.but it it not recognized.
  Kindly help me to find out the solution.
  Thanks in advance.
  regards
  nagarajan
  hyundai motor india

  Hello Nagarajan,
  looking at the data sheet (see link below) it appears that the WIC-1B-S/T is not supported on the 3845, you need the WIC-1B-S/T-V3, as well as IOS 12.3(11)T...
  Cisco 3800 Series Integrated Services Routers
  Data Sheet
  http://www.cisco.com/en/US/products/ps5855/products_data_sheet09186a0080091b87.html
  HTH,
  GP

• Cisco 3845 Onboard VP Module Capability

  I have a Cisco 3845 router with on-board VPN module. I wonder whether I can use it for IpSec encryption of my 50 Mbps ethernet line. What is the maximum capacity of the on-board VPN module? When I send "sh crypto eli" command, it says mx IKE session is 700 and max IPSEC-Session is 1400. Any comment will be highly appreciated.

  Yes you can use the VPN module and it's maximum throughput is 180Mbps. Here's a link for reference.
  http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/ps7180/prod_brochure09186a00801f0a72_ns710_Networking_Solutions_Brochure.html
  Hope that helps.

• DMVPN Issues:

  Hello All
  I have a strange occurence where a Router 2800 series had to be rebooted as the DMVPN session through it went down and the Router had to be rebooted in order to restore the VPN session. Initially, I thought this was due to an IOS issue.
  Then another Router this time 2900 series router had the same problem and again needed a reboot to restore the DMVPN tunnel.
  Anybody has faced this before and can provide some insight / advice on this.
  Please let me know if you need any information on this
  Many Thanks in advance.

  Hi,
  Were you able to capture the syslogs?
  Was this on a spoke or hub router?
  Sent from Cisco Technical Support iPhone App