TCP behaviour in QOS
please any one explain me in detail or give me link to read about TCP behaviour in traffice congesion it means i want to study in detail regarding to Congesion window, receiver window SSTHRESH etc.
regards
devang
Heres a link to a straightforward explanation of how TCP copes with congestion.
http://www.tcpipguide.com/free/t_TCPCongestionHandlingandCongestionAvoidanceAlgorit.htm
Of course the authoritative source is the RFC.
http://www.ietf.org/rfc/rfc2581.txt
Please rate helpful posts.
Similar Messages
-
How do I tune TCP SYN resend/retransmit rate for satellite?
On a satellite internet connection MacOSX (and, I believe, iPhones) have excessively aggressive SYN resend timing.
The existing settings make iTunes and SSL based services (banking, email etc) unreliable and often unworkable.
Plain HTTP (most web browsing) gives the appearance of working because browsers quietly retry.
I have been unable to find a setting in Preferences or sysctl to adjust this. And of course there's nothing useful on an iPhone. It would be helpful if there was some switch for "satellite" or "high latency" networks.
Summary:
When combined with the (common) TCP accelleration in a satellite modem, TCP connections from a Mac over satellite often get reset right at the start when the connection is commencing because of a race condition between the modem's stateful connection proxying and MacOSX's excessively rapid SYN resends.
Workaround:
Running a proxy between the Mac and the modem (in our case, in our firewall) where the proxy runs on a more conventional machine with much slower (normal) SYN resend times seems to work around the issue by making the Mac's connection to the proxy, and the proxy's connection over the satellite connection. Because the proxy's host has better TCP behaviour, the connections succeed.
Detailed problem description and explaination:
At times, SSL connections (HTTPS, POP3S, IMAPS) and other connections receive a batch of RST packets just after setup, leading to connection refused or connection reset by peer. Depending on the app, you get an assortment of errors messages of varying vagueness. iTunes is especailly useless here, just saying an unknown error occurred.
For something that reports the OS-level error you get message like this:
socket error ([Errno 54] Connection reset by peer)
Generally, if the connection succeeds it will stay up. The failure occurs at connection setup time.
From running tcpdumps on my firewall when this is happening, the behaviour is as follows:
For background to understand what follows: a TCP connection is established by you sending a SYN (synchronise) packet to the far end. The far end replies with a SYN/ACK acknowledging the connection. You then send an ACK ackowledging receipt of the SYN/ACK. And then you send and receive data packets.
A successful connection looks like this (you may need to make your window rather wide):
16:47:47.896426 172.16.3.7.50142 > X.X.X..995: S 2233798023:2233798023(0) win 65535 <mss 1460,nop,wscale 4,nop,nop,timestamp 1306458055 0,sackOK,eol> (DF)
16:47:48.597903 172.16.3.7.50142 > X.X.X.X.995: S 2233798023:2233798023(0) win 65535 <mss 1460,nop,wscale 4,nop,nop,timestamp 1306458755 0,sackOK,eol> (DF)
16:47:48.643500 X.X.X.X.995 > 172.16.3.7.50142: S 0:0(0) ack 2233798024 win 13312 <mss 1321>
16:47:48.644794 172.16.3.7.50142 > X.X.X.X.995: . ack 1 win 65535 (DF)
16:47:48.645639 172.16.3.7.50142 > X.X.X.X.995: P 1:307(306) ack 1 win 65535 (DF)
So: the normal SYN, a duplicate SYN 701ms later (much too early), a SYN/ACK from the far end and an ACK for that from this end. And then normal traffic.
An unsuccessful connection looks like this:
16:48:11.094536 172.16.3.7.50144 > X.X.X.X.995: S 2181400205:2181400205(0) win 65535 <mss 1460,nop,wscale 4,nop,nop,timestamp 1306481128 0,sackOK,eol> (DF)
16:48:11.797141 172.16.3.7.50144 > X.X.X.X.995: S 2181400205:2181400205(0) win 65535 <mss 1460,nop,wscale 4,nop,nop,timestamp 1306481827 0,sackOK,eol> (DF)
16:48:12.099393 172.16.3.7.50144 > X.X.X.X.995: S 2181400205:2181400205(0) win 65535 <mss 1460,nop,wscale 4,nop,nop,timestamp 1306482127 0,sackOK,eol> (DF)
16:48:12.400934 172.16.3.7.50144 > X.X.X.X.995: S 2181400205:2181400205(0) win 65535 <mss 1460,nop,wscale 4,nop,nop,timestamp 1306482427 0,sackOK,eol> (DF)
16:48:12.702356 172.16.3.7.50144 > X.X.X.X.995: S 2181400205:2181400205(0) win 65535 <mss 1460,nop,wscale 4,nop,nop,timestamp 1306482727 0,sackOK,eol> (DF)
16:48:13.003581 X.X.X.X.995 > 172.16.3.7.50144: S 0:0(0) ack 2181400206 win 13312 <mss 1321>
16:48:13.005832 172.16.3.7.50144 > X.X.X.X.995: S 2181400205:2181400205(0) win 65535 <mss 1460,nop,wscale 4,nop,nop,timestamp 1306483028 0,sackOK,eol> (DF)
16:48:13.006593 X.X.X.X.995 > 172.16.3.7.50144: R 1:1(0) win 0
16:48:13.007379 172.16.3.7.50144 > X.X.X.X.995: . ack 1 win 65535 (DF)
16:48:13.007778 172.16.3.7.50144 > X.X.X.X.995: P 1:307(306) ack 1 win 65535 (DF)
16:48:13.008437 X.X.X.X.995 > 172.16.3.7.50144: R 1:1(0) win 0
16:48:13.009220 X.X.X.X.995 > 172.16.3.7.50144: R 1:1(0) win 0
A normal SYN, which gets repeated 703ms later, then 302ms after that, then 301ms later, then 302ms later. Then a SYN/ACK from the far end 2097 milliseconds after the first SYN. Then yet another repeated SYN from our end 303ms after the last SYN, then immediately an RST. Our ACK follows (probably already dispatched by the Mac before the RST, but arriving at the firewall just after the RST) and a PUSH with the first data. Two more immediate RSTs come back, presumably for each of these data packets.
By comparison, our BSD firewall resends the first SYN 6 seconds after the original, then even slower. Comparsed to 600-700ms, then every 300ms from the Mac. The Mac's resends interact very badly with sat modem TCP acceleration and sat latency.
There seem to be a few things going on here:
Firstly, something is sending too many SYN packets. There is no need to send repeated SYNs every 300ms. Certainly the best round trip latency over a satellite is about 700ms. The coincidence of the satellite latency and the first resend time probably exacerbates things.
Secondly, sending a SYN _after_ the far end's SYN/ACK has come back seems to elicit an RST packet. I think this is because the modem has established state for the connection because it has seen the far end's reply, and is rejecting what it now thinks is an attempt to set up a new connection using the same ports (forbidden).
Third, this happens more at times of congestion, because the SYN/ACK takes a little longer to come back.
Fourth, the immediacy of the RST packets seems to suggest the RSTs are coming from the modem. So it is probably doing TCP accelleration, and that is producing the RSTs.
There are two problems here:
Up front, the Mac is producing SYNs too often when starting a connection. This exacerbates the problem into something that happens frequently (when it happens at all). This may be TCP "fast mode", but regardless I cannot seem to turn it off.
Second, one could argue that that modem is being overly strict about rejecting the extra SYN. Probably better to pass it through to the far end and let that decide whether to RST it. The modem is doing TCP accelleration (which is fine – it permits better behaviour once the connection is established) but is considering the connection "established" too early. It seems to do it on seeing the SYN/ACK, instead of waiting to see the third packet (the ACK).
I also suspect this happens with plain HTTP as well, but that browsers hide it by retrying connections. The modem is not going to get fixed.
While I think I'm working around this in my firewall now by diverting all outbound satellite connections through a proxy, many users will not have that option, nor any ability to diagnose the issue. They'll just see "Macs don't work on satellite". I'm not alone; there is a scattering of posts on Whirlpool recounting similar symptoms on satellite with Macs.Hi Peter,
Simultaneous scanning attacks can be achived when the attack is launched with a botnet. At that moment "n" number of systems are launching attack without their knowledge.
Regards,
Anim Saxena
Community Manager,
*Rate helpful post* -
CSS keepalive TCP flags
Hi. I have a problem with the way an application behaves in response to CSS tcp keepalives, I'd be grateful for any advice.
Using standard TCP keepalives, an application logs a broken connection for every keepalive, filling up the app logs, causing the administrators to complain. If I change the tcp-close type to FIN, the application doesn't log an error, but it still logs the connection, same complaint from the admins.
The application developers feel that it's not their problem, they're comparing the keepalives to nmap probes and indeed, it is possible to confirm that the service is up with nmap, without generating an error/connection log entry on the server.
According to some Wireshark captures, the TCP flags of a CSS keepalive, compared to an nmap probe, are as follows;
CSS
CSS --> Syn --> Server
CSS <-- Syn, Ack <-- Server
CSS --> Ack --> Server
CSS --> Rst, Ack --> Server
nmap -sS
NmapPC --> Syn --> Server
NmapPC <-- Syn, Ack <-- Server
NmapPC --> Rst --> Server
So, my question is, can the tcp behaviour of CSS keepalives be modified, to dispense with the arguably superfluous 'ack'ing that's illustrated above?
Thanks
AndyThanks for the replies.
I've tried tcp-close fin, it stops an error being logged, but the application still logs the connection.
I wouldn't be concerned, other than the fact it clearly is possible to both establish that the service is running on the server and not log the connection attempt, using Nmap's more abbreviated tcp behaviour.
I am curious, though. What is the CSS acknowledging when it sends an ACK in the RST packet?
Regards
Andy -
Wireless QoS - DSCP to 802.11e translation
Hi,
Would appreciate some advice, I am using a 5508 controller, I have an SSID that has WMM enabled and platinum QoS profile applied, with default settings. I have 802.11p set to none as we are not doing layer 2 QoS on the switches.
I found that when pinging a wireless client with DSCP set to EF the packets (all packets in fact) are being sent from the AP to the client with 802.11e set to zero. I verified this via AirPCAP.
Can someone confirm why the AP is not taking the DSCP marking from the outer LWAPP IP header and translating it to an 802.11e value?
My best guess is that I need to enable 802.11p on the QoS profile in order for the AP to start translating DSCP to 802.11e. The thing is that I don't particularly want to mark 802.11p as we will not be enabling QoS on the switches, and my understanding is that it's not really required in order for DSCP to be translated from the outer LWAPP IP header to the 802.11e field.
I've reviewed the Cisco documentation on wireless QoS, including the diagram showing the packet flow and copying of QoS markings at each step....
Thanks in advance,
PeteHi Pete,
If you are not enable QoS & disable re-write of DSCP on your switches, pretty much you will get the incoming packet DSCP when it leaves any switchport. Therefore WLC should get DSCP EF packets & outer CAPWAP should have DSCP EF. I have done a quick test to simulate your issue. WLAN configured for platinum QoS profile with 802.1p set to none. Wired PC - RTP traffic mark to EF in my case (as windows 7 does not correctly classify traffic).
1. Wired PC (IPCommunicator) ->Switch with no QoS -> AP -> Wireless client (7921 phone)
2. Wired PC (IPCommunicator) ->Switch with no QoS -> AP -> Wireless client (Laptop with IPC)
When I capture traffic for Cisco wireless phone I can see wireless frame is having UP value of "6-Voice". But when I do the testing for wirless laptop client I observed wireless frame are having UP of "0 - Best Effort" (as you observed as well). I would expected in both cases wireless frame UP to be zero. Not sure why behaviour differnt for Cisco 7921 phone.
Then I enabled QoS on the switch & trust DSCP on AP & wired PC connected port & CoS on WLC connected switch port. But left QoS profile 802.1p tag as " None". This time in both scenarios I have observed WMM_UP value "0-Best Effort" in wireless frames even though the AP received outer CAPWAP as EF. This is normal behaviour as QoS profile set to 802.1p to none & therefore outer CAPWAP will not translate to UP=6 as it is. It will cap to max of 802.1p configured (presumed none mean 0)
Finally when I set 802.1p tag to 6 on QoS profile & conduct the same test. I expected in both scenarios UP=6 for EF marked traffic to wireless client (cisco phone or wireless laptop). As expected Cisco phone received wireless frame had UP=6 Voice, but wireless laptop received frame had UP=0 best effort.
I am geussing this due to some kind of WMM incompatibility of different devices (not sure though). I will try to do this with some other clients ( jabber in iPhone & Galaxy SIII) & see any common behaviour.
As per the VoWLAN 4.1 design guide (page 2-18,19) 802.1p classification in QoS profile controll two behaviours
1. Determine what class of service (CoS) value is used for packets initiated from the WLC.
2. Determine the maximum CoS value that can be used by clients connected to that WLAN.
Regarding the QoS profile & traffic mapping, If you set your QoS profile to "Silver with 802.1p Tag of 3" & your wilreless clients' EF marked traffic (ie WMM_UP of 6) will translate into outer CAPWAP DSCP value of AF21 by AP. Same applicable to any video traffic from wireless clients (as it comes with WMM_UP of 4 or 5). But original packet's inner DSCP value remain as it is because of CAPWAP encapsulation from AP -> WLC. Due to this within wired network (at least from AP to WLC) you cannot differentiate Voice , Video packets as all having same DSCP value (AF21). Anyway in your case this won't matter as you do not do any prioratization of your traffic within your switch network.
Just for curiosity why do not you use qos on your switches ? is there any reason ? How do you prioratize your voice traffic over any other type of traffic in your network ?
I am running WLC 4402 with code 7.0.116. What is the software version you are running on your WLC ?
When it comes to software version 7.4 code, cisco introduced "Application Visibilty & Control" feature where you can classify traffic at the WLC as you normally do in wired switches. This will allow reclassify, markdown, drop traffic according to traffic categories.
HTH
Rasika -
DB Version : 10.2.0.4
When VIP is functional , the CONNECTION REFUSED errors are quickly detected, and transparently the connection request will be transferred(fail over) to the next available IP.
If something goes wrong with your VIP , the failover will still happen but only after a substantial delay (until the TCP CONNECTION timeout is detected ). Am i Right?Yes, this is TCP behaviour - nothing specifically to do with using virtual IP addresses.
The Oracle client driver will use the socket connect() call to initiate the TCP connection. It can take some time before this call fails with a ETIMEDOUT error. A ECONNREFUSED is usually immediate.
In case of a connect() failure, the client driver will then use the next IP address in the address list and try that (should the TNS provide an enumerated list of addresses).
The ETIMEDOUT error can result after a very long delay when the server owning that IP address has not yet completed loading (or shutting down) its IP stack or NIC. The ECONNREFUSED is usually immediate as the IP stack is up and running, and can respond directly with a "+no service listening on that port+" error. -
QOS Network Planning - TCP/UDP Ports used in CWMS 2.5 MDC deployment
Does anyone know if there is documentation that describes the WAN traffic in CWMS 2.5 MDC? I'm looking for the TCP/UDP ports that must be prioritized on the WAN to properly class our traffic between the two data centers. I can't find any such document.
Thanks,
MattHI Matt,
All the network requirements are listed in the CWMS 2.5 Planning Guide in Networking Checklist: http://www.cisco.com/c/en/us/td/docs/collaboration/CWMS/2_5/Planning_Guide/Planning_Guide/Planning_Guide_chapter_0100.html
I hope this is what you are looking for.
-Dejan -
Folks,
Our server admins replicated some VMs across between server 1 and server 2 (through a switch) and I believe saturated the 10Gb trunk link which caused connectivity issues for the end users to the servers. Our exchange dropped over to a backup server at another site as I guess it wasnt able to detect the online exchange because traffic was dropping.
Looking at the config on the switches, the servers are connected via etherchannels to the switches (2 x 10gb links) and I believe it saturated one of the links which caused issues temporarily.
There trunk ports between servers and switch are carrying multiple vlans and I suspect due to the lack of QoS setup on this switch that user traffic isnt given priority.
With no experience setting QoS up before, where do I begin?
Another question, if a etherchannel is two links with src-dst-ip setup as load balancing, I believe it wasnt using all bandwidth across both links because of this. This is normal behaviour, is it not?Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
The issue you noted, very much might be mitigated by QoS. Something like replication traffic can often work fine deprioritized relative to most other traffic, including "normal" default traffic. Additionally, using relative prioritizations, rather than some artificial shaping or policing, generally allows some bandwidth heavy traffic, such as replication, to fully leverage all your available bandwidth; again without being adverse to other traffic.
Regarding Etherchannel load balancing, source/destination hash combos normally do well, using source/destination IP, when supported, often the best option.
Of course, traffic between two hosts will have the same IP, so all traffic will flow across the same path. Some switches, also allow port (UDP/TCP) numbers to be included in the hash, but this often doesn't help when there's just one very busy flow. If the switches do support port hashing, you might work with your server folk to determine if huge replication transfers might be split into multiple flows. -
Cisco 7206 has with LLQ QOS and cpu 85 %
hi all ,
i want to mention issue about cisco router 7206 npeg2 :
can this router handle traffic 780 Mbps as download and 75 MBps as upload ?? with cpu 85 % and with LLQ qos ??
im asking this question because my QOS althoug it matched alot of traffic , it some time get slow and seems that QOS not working fine , im sure that my work is fine, because it was fine , but recent days i added more bw ???!!!!!
dont know if need more memory for router for QOS :
===============================================================
7200Gateway#sh memory
Head Total(b) Used(b) Free(b) Lowest(b) Largest(b)
Processor 6B97A80 1883669308 114125456 1769543852 1768174580 1760364316
I/O 78000000 67108864 4482572 62626292 62598896 62617884
Transient 77000000 16777216 22196 16755020 16222412 16728368
Processor memory
Address Bytes Prev Next Ref PrevF NextF Alloc PC what
06B97A80 0000010004 00000000 06B9A1C4 001 -------- -------- 01A493D8 CEF: fib
06B9A1C4 0000000028 06B97A80 06B9A210 000 87F3D04 87FD620 015FC24C AAA Attr Binary/String
06B9A210 0000004700 06B9A1C4 06B9B49C 001 -------- -------- 01AC85B4 ADJ: adjacency
06B9B49C 0000004100 06B9A210 06B9C4D0 001 -------- -------- 0011245C HTTP CORE
06B9C4D0 0000004100 06B9B49C 06B9D504 001 -------- -------- 00112548 HTTP CORE
06B9D504 0000004100 06B9C4D0 06B9E538 001 -------- -------- 00112548 HTTP CORE
06B9E538 0000004100 06B9D504 06B9F56C 001 -------- -------- 00112548 HTTP CORE
06B9F56C 0000004100 06B9E538 06BA05A0 001 -------- -------- 00112548 HTTP CORE
06BA05A0 0000000756 06B9F56C 06BA08C4 001 -------- -------- 0343C38C Process
06BA08C4 0000000204 06BA05A0 06BA09C0 001 -------- -------- 0343FAB4 Process Events
06BA09C0 0000022764 06BA08C4 06BA62DC 001 -------- -------- 04055CB4 IPSM Octet Str
06BA62DC 0000014488 06BA09C0 06BA9BA4 001 -------- -------- 0405C0C4 ipsm IPSEC Fai
06BA9BA4 0000004100 06BA62DC 06BAABD8 001 -------- -------- 00112548 H
===========================================================================
==========================================
7200Gateway#sh version
Cisco IOS Software, 7200 Software (C7200P-ADVENTERPRISEK9-M), Version 12.4(24)T7, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Tue 28-Feb-12 12:53 by prod_rel_team
ROM: System Bootstrap, Version 12.4(12.2r)T, RELEASE SOFTWARE (fc1)
7200Gateway uptime is 2 weeks, 5 days, 19 hours, 43 minutes
System returned to ROM by power-on
System image file is "disk2:/c7200p-adventerprisek9-mz.124-24.T7.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco 7206VXR (NPE-G2) processor (revision A) with 1966080K/65536K bytes of memory.
Processor board ID 13252317
MPC7448 CPU at 1666Mhz, Implementation 0, Rev 2.2
6 slot VXR midplane, Version 2.0
Last reset from power-on
PCI bus mb1 (Slots 1, 3 and 5) has a capacity of 600 bandwidth points.
Current configuration on bus mb1 has a total of 0 bandwidth points.
This configuration is within the PCI bus capacity and is supported.
PCI bus mb2 (Slots 2, 4 and 6) has a capacity of 600 bandwidth points.
Current configuration on bus mb2 has a total of 0 bandwidth points.
This configuration is within the PCI bus capacity and is supported.
Please refer to the following document "Cisco 7200 Series Port Adaptor
Hardware Configuration Guidelines" on Cisco.com <http://www.cisco.com>
for c7200 bandwidth points oversubscription and usage guidelines.
1 FastEthernet interface
3 Gigabit Ethernet interfaces
2045K bytes of NVRAM.
250880K bytes of ATA PCMCIA card at slot 2 (Sector size 512 bytes).
65536K bytes of Flash internal SIMM (Sector size 512K).
Configuration register is 0x2102
==============================================================
7200Gateway#sh processes cpu
CPU utilization for five seconds: 85%/84%; one minute: 84%; five minutes: 84%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
1 32 416 76 0.00% 0.00% 0.00% 0 Chunk Manager
2 32788 342520 95 0.00% 0.05% 0.05% 0 Load Meter
3 0 1 0 0.00% 0.00% 0.00% 0 chkpt message ha
4 0 1 0 0.00% 0.00% 0.00% 0 EDDRI_MAIN
5 2624584 213262 12306 0.00% 0.03% 0.04% 0 Check heaps
6 56 373 150 0.00% 0.00% 0.00% 0 Pool Manager
7 0 2 0 0.00% 0.00% 0.00% 0 Timers
8 0 2 0 0.00% 0.00% 0.00% 0 ATM AutoVC Perio
9 0 2 0 0.00% 0.00% 0.00% 0 ATM VC Auto Crea
10 16 28543 0 0.00% 0.00% 0.00% 0 IPC Dynamic Cach
11 0 1 0 0.00% 0.00% 0.00% 0 IPC Zone Manager
12 688 1670887 0 0.00% 0.00% 0.00% 0 IPC Periodic Tim
13 520 1670887 0 0.00% 0.00% 0.00% 0 IPC Deferred Por
14 0 1 0 0.00% 0.00% 0.00% 0 IPC Seat Manager
15 0 1 0 0.00% 0.00% 0.00% 0 IPC BackPressure
16 9007072 30711869 293 1.35% 0.15% 0.11% 0 EnvMon
17 0 1 0 0.00% 0.00% 0.00% 0 OIR Handler
18 0 1 0 0.00% 0.00% 0.00% 0 Crash writer
19 1380 3892 354 0.00% 0.00% 0.00% 0 ARP Input
20 1584 1784473 0 0.00% 0.00% 0.00% 0 ARP Background
21 0 2 0 0.00% 0.00% 0.00% 0 ATM Idle Timer
22 0 1 0 0.00% 0.00% 0.00% 0 CEF MIB API
23 4 134 29 0.00% 0.00% 0.00% 0 AAA high-capacit
24 0 1 0 0.00% 0.00% 0.00% 0 AAA_SERVER_DEADT
25 0 1 0 0.00% 0.00% 0.00% 0 Policy Manager
26 0 2 0 0.00% 0.00% 0.00% 0 DDR Timers
27 0 5 0 0.00% 0.00% 0.00% 0 Entity MIB API
28 0 2 0 0.00% 0.00% 0.00% 0 Serial Backgroun
29 0 1 0 0.00% 0.00% 0.00% 0 RO Notify Timers
30 0 1 0 0.00% 0.00% 0.00% 0 RMI RM Notify Wa
31 28 281 99 0.00% 0.00% 0.00% 0 EEM ED Syslog
32 0 2 0 0.00% 0.00% 0.00% 0 SMART
33 724 1712571 0 0.00% 0.00% 0.00% 0 GraphIt
34 0 2 0 0.00% 0.00% 0.00% 0 Dialer event
35 0 1 0 0.00% 0.00% 0.00% 0 SERIAL A'detect
36 0 2 0 0.00% 0.00% 0.00% 0 XML Proxy Client
37 0 2 0 0.00% 0.00% 0.00% 0 VSA background
38 0 1 0 0.00% 0.00% 0.00% 0 VSA Cleanup Proc
39 0 1 0 0.00% 0.00% 0.00% 0 Critical Bkgnd
40 4348 444483 9 0.00% 0.00% 0.00% 0 Net Background
41 0 2 0 0.00% 0.00% 0.00% 0 IDB Work
42 32 501 63 0.00% 0.00% 0.00% 0 Logger
43 1236 1710802 0 0.00% 0.00% 0.00% 0 TTY Background
44 16504 1712627 9 0.07% 0.00% 0.00% 0 Per-Second Jobs
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
45 20 34 588 0.00% 0.00% 0.00% 0 IF-MGR control p
46 8 40 200 0.00% 0.00% 0.00% 0 IF-MGR event pro
47 0 1 0 0.00% 0.00% 0.00% 0 Inode Table Dest
48 0 1 0 0.00% 0.00% 0.00% 0 IKE HA Mgr
49 0 1 0 0.00% 0.00% 0.00% 0 IPSEC HA Mgr
50 4 4 1000 0.00% 0.00% 0.00% 0 rf task
51 12808 179149 71 0.00% 0.00% 0.00% 0 Net Input
52 1304 342532 3 0.00% 0.00% 0.00% 0 Compute load avg
53 610136 28974 21058 0.00% 0.00% 0.00% 0 Per-minute Jobs
54 0 1 0 0.00% 0.00% 0.00% 0 Token Daemon
55 4 10570 0 0.00% 0.00% 0.00% 0 Transport Port A
56 1272 505453 2 0.00% 0.00% 0.00% 0 HC Counter Timer
57 0 1 0 0.00% 0.00% 0.00% 0 Coproc Event Pro
58 0 1 0 0.00% 0.00% 0.00% 0 POS APS Event Pr
59 0 1 0 0.00% 0.00% 0.00% 0 SONET alarm time
60 0 1 0 0.00% 0.00% 0.00% 0 CSP Timer
61 204 4 51000 0.00% 0.00% 0.00% 0 USB Startup
62 0 2 0 0.00% 0.00% 0.00% 0 FPD Management P
63 0 1 0 0.00% 0.00% 0.00% 0 FPD Action Proce
64 0 2 0 0.00% 0.00% 0.00% 0 VNM DSPRM MAIN
65 0 1 0 0.00% 0.00% 0.00% 0 RF_INTERDEV_DELA
66 0 1 0 0.00% 0.00% 0.00% 0 RF_INTERDEV_SCTP
67 464 1712577 0 0.00% 0.00% 0.00% 0 ISA Common Helpe
68 0 2 0 0.00% 0.00% 0.00% 0 Flash MIB Update
69 0 58 0 0.00% 0.00% 0.00% 0 Flash Card Oir
70 0 1 0 0.00% 0.00% 0.00% 0 CES Line Conditi
71 0 1 0 0.00% 0.00% 0.00% 0 CF_INTERDEV_SCTP
72 0 1 0 0.00% 0.00% 0.00% 0 Async write proc
73 0 2 0 0.00% 0.00% 0.00% 0 Ethernet CFM
74 736 1670893 0 0.00% 0.00% 0.00% 0 Ethernet Timer C
75 0 1 0 0.00% 0.00% 0.00% 0 delayed evt hand
76 28 112 250 0.00% 0.00% 0.00% 0 AAA Server
77 0 1 0 0.00% 0.00% 0.00% 0 AAA ACCT Proc
78 0 1 0 0.00% 0.00% 0.00% 0 ACCT Periodic Pr
79 0 2 0 0.00% 0.00% 0.00% 0 AAA Dictionary R
80 744 1670882 0 0.00% 0.00% 0.00% 0 BGP Scheduler
81 0 2 0 0.00% 0.00% 0.00% 0 Ethernet OAM Pro
82 0 2 0 0.00% 0.00% 0.00% 0 Ethernet LMI
83 0 2 0 0.00% 0.00% 0.00% 0 CEF switching ba
84 3684 14726 250 0.00% 0.00% 0.00% 0 ADJ resolve proc
85 8 30 266 0.00% 0.00% 0.00% 0 IP ARP Adjacency
86 0 1 0 0.00% 0.00% 0.00% 0 IP ARP Retry Age
87 3481296 6804010 511 0.00% 0.02% 0.01% 0 IP Input
88 0 1 0 0.00% 0.00% 0.00% 0 ICMP event handl
89 0 9 0 0.00% 0.00% 0.00% 0 TurboACL
90 0 2 0 0.00% 0.00% 0.00% 0 TurboACL chunk
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
91 0 1 0 0.00% 0.00% 0.00% 0 IPv6 Echo event
92 16 2854 5 0.00% 0.00% 0.00% 0 MOP Protocols
93 0 1 0 0.00% 0.00% 0.00% 0 LSP Tunnel FRR
94 0 1 0 0.00% 0.00% 0.00% 0 MPLS Auto-Tunnel
95 0 3 0 0.00% 0.00% 0.00% 0 PPP Hooks
96 0 1 0 0.00% 0.00% 0.00% 0 Async write proc
97 0 1 0 0.00% 0.00% 0.00% 0 SSS Manager
98 0 1 0 0.00% 0.00% 0.00% 0 SSS Feature Mana
99 0 1 0 0.00% 0.00% 0.00% 0 SSS Feature Time
100 0 2 0 0.00% 0.00% 0.00% 0 Spanning Tree
101 0 1 0 0.00% 0.00% 0.00% 0 X.25 Encaps Mana
102 20 96 208 0.00% 0.00% 0.00% 0 SSM connection m
103 0 1 0 0.00% 0.00% 0.00% 0 AC Switch
104 4 5709 0 0.00% 0.00% 0.00% 0 Authentication P
105 0 1 0 0.00% 0.00% 0.00% 0 Auth-proxy AAA B
106 0 2 0 0.00% 0.00% 0.00% 0 EAPoUDP Process
107 0 2 0 0.00% 0.00% 0.00% 0 IP Host Track Pr
108 0 2 0 0.00% 0.00% 0.00% 0 KRB5 AAA
109 1152 49386 23 0.00% 0.00% 0.00% 0 IP Background
110 2276 28582 79 0.00% 0.00% 0.00% 0 IP RIB Update
111 60 34442 1 0.00% 0.00% 0.00% 0 CEF background p
112 6784 2485297 2 0.00% 0.00% 0.00% 0 CEF: IPv4 proces
113 12 104 115 0.00% 0.00% 0.00% 0 ADJ background
114 0 2 0 0.00% 0.00% 0.00% 0 PPP IP Route
115 0 2 0 0.00% 0.00% 0.00% 0 PPP IPCP
116 0 1 0 0.00% 0.00% 0.00% 0 IP Traceroute
117 7292 7550370 0 0.00% 0.00% 0.00% 0 TCP Timer
118 1300 10511 123 0.00% 0.00% 0.00% 0 TCP Protocols
119 0 1 0 0.00% 0.00% 0.00% 0 Socket Timers
120 18228 11429 1594 0.00% 0.00% 0.00% 0 HTTP CORE
121 0 2 0 0.00% 0.00% 0.00% 0 RLM groups Proce
122 0 1 0 0.00% 0.00% 0.00% 0 L2X Data Daemon
123 0 1 0 0.00% 0.00% 0.00% 0 ac_atm_state_eve
124 0 2 0 0.00% 0.00% 0.00% 0 SNMP Timers
125 1320 1710737 0 0.00% 0.00% 0.00% 0 RUDPV1 Main Proc
126 0 1 0 0.00% 0.00% 0.00% 0 bsm_timers
127 568 1710728 0 0.00% 0.00% 0.00% 0 bsm_xmt_proc
128 0 1 0 0.00% 0.00% 0.00% 0 COPS
129 0 2 0 0.00% 0.00% 0.00% 0 Dialer Forwarder
130 0 3 0 0.00% 0.00% 0.00% 0 Flow Exporter Ti
131 0 2 0 0.00% 0.00% 0.00% 0 ATM OAM Input
132 0 2 0 0.00% 0.00% 0.00% 0 ATM OAM TIMER
133 0 1 0 0.00% 0.00% 0.00% 0 RARP Input
134 0 1 0 0.00% 0.00% 0.00% 0 IPv6 Inspect Tim
135 0 1 0 0.00% 0.00% 0.00% 0 LAPB Process
136 0 2 0 0.00% 0.00% 0.00% 0 LFDp Input Proc
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
137 0 1 0 0.00% 0.00% 0.00% 0 PAD InCall
138 0 2 0 0.00% 0.00% 0.00% 0 X.25 Background
139 0 2 0 0.00% 0.00% 0.00% 0 PPP Bind
140 0 2 0 0.00% 0.00% 0.00% 0 PPP SSS
141 0 1 0 0.00% 0.00% 0.00% 0 MQC Flow Event B
142 35504 424737438 0 0.23% 0.25% 0.23% 0 HQF Shaper Backg
143 4068 17031478 0 0.00% 0.00% 0.00% 0 RBSCP Background
144 0 2 0 0.00% 0.00% 0.00% 0 SCTP Main Proces
145 0 1 0 0.00% 0.00% 0.00% 0 VPDN call manage
146 0 1 0 0.00% 0.00% 0.00% 0 CHKPT EXAMPLE
147 0 1 0 0.00% 0.00% 0.00% 0 CHKPT DevTest
148 0 1 0 0.00% 0.00% 0.00% 0 IPS Process
149 0 2 0 0.00% 0.00% 0.00% 0 IPS Auto Update
150 0 2 0 0.00% 0.00% 0.00% 0 SDEE Management
151 948 3338807 0 0.00% 0.00% 0.00% 0 Inspect process
152 0 1 0 0.00% 0.00% 0.00% 0 xcpa-driver
153 52 136947 0 0.00% 0.00% 0.00% 0 FW DP Inspect pr
154 1112 3338806 0 0.00% 0.00% 0.00% 0 CCE DP URLF cach
155 0 2 0 0.00% 0.00% 0.00% 0 URL filter proc
156 0 1 0 0.00% 0.00% 0.00% 0 XSM_EVENT_ENGINE
157 144 171238 0 0.00% 0.00% 0.00% 0 XSM_ENQUEUER
158 68 171238 0 0.00% 0.00% 0.00% 0 XSM Historian
159 0 1 0 0.00% 0.00% 0.00% 0 Select Timers
160 4 2 2000 0.00% 0.00% 0.00% 0 HTTP Process
161 0 2 0 0.00% 0.00% 0.00% 0 CIFS API Process
162 0 2 0 0.00% 0.00% 0.00% 0 CIFS Proxy Proce
163 0 1 0 0.00% 0.00% 0.00% 0 Crypto HW Proc
164 56 114166 0 0.00% 0.00% 0.00% 0 ACE policy loade
165 156 68505 2 0.00% 0.00% 0.00% 0 CRM_CALL_UPDATE_
166 36688 172862 212 0.00% 0.00% 0.00% 0 BGP I/O
167 0 2 0 0.00% 0.00% 0.00% 0 AAA Cached Serve
168 0 2 0 0.00% 0.00% 0.00% 0 ENABLE AAA
169 0 1 0 0.00% 0.00% 0.00% 0 EM Background Pr
170 0 1 0 0.00% 0.00% 0.00% 0 Key chain liveke
171 0 2 0 0.00% 0.00% 0.00% 0 LINE AAA
172 44 112 392 0.00% 0.00% 0.00% 0 LOCAL AAA
173 0 42 0 0.00% 0.00% 0.00% 0 MPLS Auto Mesh P
174 0 2 0 0.00% 0.00% 0.00% 0 TPLUS
175 0 2 0 0.00% 0.00% 0.00% 0 VSP_MGR
176 0 1 0 0.00% 0.00% 0.00% 0 FW_TEST_TRP
177 0 1 0 0.00% 0.00% 0.00% 0 EPM MAIN PROCESS
178 4 3 1333 0.00% 0.00% 0.00% 0 Crypto WUI
179 0 2 0 0.00% 0.00% 0.00% 0 Crypto Support
180 0 1 0 0.00% 0.00% 0.00% 0 IPSECv6 PS Proc
181 0 1 0 0.00% 0.00% 0.00% 0 CCVPM_HTSP
182 0 1 0 0.00% 0.00% 0.00% 0 CCVPM_R2
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
183 0 1 0 0.00% 0.00% 0.00% 0 EPHONE MWI Refre
184 0 1903 0 0.00% 0.00% 0.00% 0 FB/KS Log HouseK
185 0 2 0 0.00% 0.00% 0.00% 0 EPHONE MWI BG Pr
186 0 1 0 0.00% 0.00% 0.00% 0 Skinny HW confer
187 0 1 0 0.00% 0.00% 0.00% 0 CCSWVOICE
188 206492 114180 1808 0.00% 0.00% 0.00% 0 BGP Scanner
189 0 1 0 0.00% 0.00% 0.00% 0 http client proc
190 0 3 0 0.00% 0.00% 0.00% 0 BGP Event
191 0 1 0 0.00% 0.00% 0.00% 0 QOS_MODULE_MAIN
192 0 1 0 0.00% 0.00% 0.00% 0 RPMS_PROC_MAIN
193 0 1 0 0.00% 0.00% 0.00% 0 VoIP AAA
194 0 2 0 0.00% 0.00% 0.00% 0 Dialog Manager
195 184 104 1769 0.00% 0.00% 0.00% 0 crypto engine pr
196 0 4 0 0.00% 0.00% 0.00% 0 Crypto CA
197 0 1 0 0.00% 0.00% 0.00% 0 Crypto PKI-CRL
198 28008 64288 435 0.00% 0.00% 0.00% 0 encrypt proc
199 384768 28300 13596 0.00% 0.00% 0.00% 0 crypto sw pk pro
200 8 27 296 0.00% 0.00% 0.00% 0 Crypto INT
201 456 2019 225 0.00% 0.00% 0.00% 0 Crypto IKE Dispa
202 2128 2714 784 0.00% 0.00% 0.00% 0 Crypto IKMP
203 0 1 0 0.00% 0.00% 0.00% 0 IPSEC manual key
204 180 85737 2 0.00% 0.00% 0.00% 0 IPSEC key engine
205 0 1 0 0.00% 0.00% 0.00% 0 CRYPTO QoS proce
206 28 142 197 0.00% 0.00% 0.00% 0 Crypto ACL
207 0 1 0 0.00% 0.00% 0.00% 0 Crypto PAS Proc
208 0 1 0 0.00% 0.00% 0.00% 0 GDOI GM Process
209 0 1 0 0.00% 0.00% 0.00% 0 UNICAST REKEY
210 0 1 0 0.00% 0.00% 0.00% 0 UNICAST REKEY AC
211 0 1 0 0.00% 0.00% 0.00% 0 MV64 TDR Process
212 0 1 0 0.00% 0.00% 0.00% 0 IMA Traps
213 0 1 0 0.00% 0.00% 0.00% 0 SYSMGT Events
214 0 2 0 0.00% 0.00% 0.00% 0 Control-plane ho
215 0 1 0 0.00% 0.00% 0.00% 0 DATA Transfer Pr
216 0 1 0 0.00% 0.00% 0.00% 0 DATA Collector
217 0 1 0 0.00% 0.00% 0.00% 0 Async write proc
218 116 292 397 0.00% 0.00% 0.00% 0 AAA SEND STOP EV
219 136 171243 0 0.00% 0.00% 0.00% 0 RMON Recycle Pro
220 0 2 0 0.00% 0.00% 0.00% 0 RMON Deferred Se
221 0 1 0 0.00% 0.00% 0.00% 0 Syslog Traps
222 0 2 0 0.00% 0.00% 0.00% 0 EEM ED Resource
223 0 2 0 0.00% 0.00% 0.00% 0 EEM ED Routing
224 0 3 0 0.00% 0.00% 0.00% 0 EEM ED Track
225 80 53575 1 0.00% 0.00% 0.00% 0 Crypto cTCP proc
226 0 1 0 0.00% 0.00% 0.00% 0 IP SLAs Ethernet
227 4 1 4000 0.00% 0.00% 0.00% 0 RMON Packets
228 820 1709984 0 0.00% 0.00% 0.00% 0 trunk conditioni
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
229 0 1 0 0.00% 0.00% 0.00% 0 trunk conditioni
230 12 120 100 0.00% 0.00% 0.00% 0 EEM Server
231 4 2 2000 0.00% 0.00% 0.00% 0 Call Home proces
232 52 260 200 0.00% 0.00% 0.00% 0 Syslog
233 0 1 0 0.00% 0.00% 0.00% 0 VPDN Test
234 0 2 0 0.00% 0.00% 0.00% 0 EEM Policy Direc
235 0 2 0 0.00% 0.00% 0.00% 0 EEM ED CLI
236 0 3 0 0.00% 0.00% 0.00% 0 EEM ED Counter
237 0 3 0 0.00% 0.00% 0.00% 0 EM ED GOLD
238 0 3 0 0.00% 0.00% 0.00% 0 EEM ED Interface
239 0 3 0 0.00% 0.00% 0.00% 0 EEM ED IOSWD
240 0 3 0 0.00% 0.00% 0.00% 0 EEM ED Ipsla
241 0 3 0 0.00% 0.00% 0.00% 0 EEM ED None
242 0 2 0 0.00% 0.00% 0.00% 0 EEM ED Nf
243 0 3 0 0.00% 0.00% 0.00% 0 EEM ED OIR
244 0 3 0 0.00% 0.00% 0.00% 0 EEM ED RF
245 0 3 0 0.00% 0.00% 0.00% 0 EEM ED SNMP
246 0 2 0 0.00% 0.00% 0.00% 0 EEM ED SNMP Noti
247 36 42890 0 0.00% 0.00% 0.00% 0 EEM ED Timer
248 0 3 0 0.00% 0.00% 0.00% 0 EEM ED Test
249 0 3 0 0.00% 0.00% 0.00% 0 EEM ED Config
250 0 3 0 0.00% 0.00% 0.00% 0 EEM ED Env
251 0 3 0 0.00% 0.00% 0.00% 0 EEM ED RPC
252 0 2 0 0.00% 0.00% 0.00% 0 cpf_process_msg_
253 0 1 0 0.00% 0.00% 0.00% 0 Key Proc
254 36 28543 1 0.00% 0.00% 0.00% 0 Call Home Timer
255 0 1 0 0.00% 0.00% 0.00% 0 tHUB
256 0 1 0 0.00% 0.00% 0.00% 0 Async write proc
257 104 953 109 0.00% 0.00% 0.00% 0 SSH Event handle
258 16 28543 0 0.00% 0.00% 0.00% 0 Secure Login
259 84 54 1555 0.00% 0.00% 0.00% 0 Tunnel Security
260 56 67 835 0.00% 0.00% 0.00% 0 Crypto SS Proces
261 0 1 0 0.00% 0.00% 0.00% 0 cpf_process_tpQ
262 0 1 0 0.00% 0.00% 0.00% 0 TCP Listener
263 0 2 0 0.00% 0.00% 0.00% 0 IP Flow Top Talk
264 1180 3338804 0 0.00% 0.00% 0.00% 0 IP NAT Ager
265 0 1 0 0.00% 0.00% 0.00% 0 IP NAT WLAN
266 24 28563 0 0.00% 0.00% 0.00% 0 IP SLAs Event Pr
267 434504 1489526 291 0.00% 0.00% 0.00% 0 IP SNMP
268 170304 877961 193 0.00% 0.00% 0.00% 0 PDU DISPATCHER
269 495704 877992 564 0.00% 0.00% 0.00% 0 SNMP ENGINE
270 0 2 0 0.00% 0.00% 0.00% 0 IP SNMPV6
271 0 1 0 0.00% 0.00% 0.00% 0 SNMP ConfCopyPro
272 0 1 0 0.00% 0.00% 0.00% 0 SNMP Traps
273 1185420 1715196 691 0.00% 0.00% 0.00% 0 NTP
274 412 29 14206 0.00% 0.00% 0.00% 0 VTEMPLATE Backgr
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
275 18608 174262 106 0.00% 0.00% 0.00% 0 BGP Router
276 36 27171 1 0.00% 0.00% 0.00% 0 DFS flush period
277 8 12 666 0.00% 0.00% 0.00% 0 Collection proce
278 16 651 24 0.00% 0.00% 0.00% 0 CRYPTO IKMP IPC
279 1724 850 2028 0.00% 0.00% 0.00% 2 SSH Process
281 0 1 0 0.00% 0.00% 0.00% 0 Skinny MOH Event
282 64 173856 0 0.00% 0.00% 0.00% 0 Skinny Socket Se
283 0 1451 0 0.00% 0.00% 0.00% 0 Web Write Housek
==============================================================
wish to help ASAPJosephDoherty wrote:DisclaimerThe Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.Liability DisclaimerIn no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.PostingThe fact you are matching with any ACLs, will decrease maximum performance.The fact you are using a policy-may, will decrease maximum performance.The fact is a -G2 only has finite capacity.In other words, what you're seeing might be completely normal for your traffic volume, your traffic composition and your configuration.If you believe your router is overloaded, and generally above 75% CPU might be so considered, either you'll need a faster device (see ASR 1Ks), or you might try changing your configuration to decrease your configuration load on the router.What's your CPU load if your remove the policy-map from the interface?If removing the policy-map from the interface shows a significant CPU loading decrease - QED.If you need/desire such QoS, then you'll want a "faster" router.You might be also able to decrease your CPU a little by some "tuning". I already mention the TurboACL feature statement. With ACLs, fewer are faster, and how they ordered (especially without TurboACL) impacts CPU. How you order you class-maps, within a policy, and how the match statements are ordered will also have some impact on the CPU load. If buffers are being allocated/deallocated, that too will impact CPU loading. I assume CEF is enabled, but for some traffic, flow caching might decrease CPU load.Remember a software based router, like the 7200s, are, more or less, a computer that takes your configuration and determines what's to be done with every packet it "sees". The more your configuration requires for per packet analysis, the more load for each packet.There are whitepapers addressing high CPU load caused by "process switching", but what you posted appears to be mostly all interrupt processing, which is "fast path", or optimal, packet forwarding. There's not much you can normally do to improve against that, other than insuring your configuration is as optimal as possible for your needs (again, things like sequencing/ordering of statements).
hi ,
thanks very very much for this nice information,
let me answer you :
you said that NPE G2 has finite capacity , but how to know this full capacity ???
i mean that my policy map is matching the traffic , but the matched traffic is not being enhancemend ??!!!
last about two weeks , the matched traffic of youtube was excellent and no interrupt durting the my rush hour.
i didnt change any thing, but my bw increased from 730 Mbps to 760Mbps ,
im un able to make sure that i need to chnage my platform to faster one.
agian
my cpu is 60 % without QOS
after QOS it increase to 80-85 %
agian ,
about NBAR
i want to tell you that i cant depend on NBAR , as an example , im matching the ips of videos of facebook , i cant depend on NBAR because it is https videos.
but in summary ,
my qos is matching well , but i have no real enhancement for my traffic.
did you face my issue before ???
i mean have you see like my problem ?
like my router platform with cpu over 80 % and 750Mbps , and matched qos without good result ??
note that i upgraded to iso 15 , but seems same issue !!!
regards -
How to apply Qos in the precedence of cache server
m in an isp and iwant to apply the QOS to enhance my network internet performance
actually i have two requests , i will start with showing brief topology about my network and start asking the questions .
here is the topology below :
from the topology above , my access is only on R1 which is BGP internet gateway router and R2 is my ISP router.
1- i want to apply Qos on R1 so that a subnet of 32 ips to have gurantee bandwidth of 30M .
assume the subnet is 10.20.30.0/27 that need to be bw gurantee .
2- i want the download traffic by idman or ftp on my Router R1 dont exceed 50 % of my total bw .
i mean that i have 450M bandwith from my isp , & sometimes we have a slow in browsing , so i want to enhance the browsing quality because its more important that downloading files from internet.
here is my two requests above , i dont know how it will work with the precedence of the cache server .
anyway , i will paste my config of router and i will replace my puplic ips with xxx for privacy .
7200Gateway#sh run
Building configuration...
Current configuration : 10149 bytes
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname 7200Gateway
boot-start-marker
boot-end-marker
logging message-counter syslog
logging buffered 50000
enable secret xxxxxxxxxxxxxx
no aaa new-model
ip source-route
ip wccp 80 redirect-list CACHE80
ip wccp 90 redirect-list CACHE90
ip cef
no ip domain lookup
ip accounting-threshold 4294967295
login block-for 180 attempts 3 within 60
login quiet-mode access-class telnet
login on-failure log
login on-success log
no ipv6 cef
multilink bundle-name authenticated
username xxxxxx password xxxxx
archive
log config
hidekeys
interface GigabitEthernet0/1
description LAN
bandwidth 230000
ip address 10.160.150.2 255.255.255.0
ip wccp 80 redirect in
ip policy route-map CACHE-REDIRECT
load-interval 30
duplex auto
speed auto
media-type rj45
negotiation auto
interface FastEthernet0/2
no ip address
shutdown
duplex auto
speed auto
interface GigabitEthernet0/2
description Cache
bandwidth 150000
ip address x.x.x.x 255.255.255.248
ip wccp redirect exclude in
load-interval 30
duplex auto
speed 1000
media-type rj45
negotiation auto
interface GigabitEthernet0/3
description Internet
bandwidth 230000
ip address x.x.x.x 255.255.255.252
ip wccp 90 redirect in
load-interval 30
duplex full
speed 1000
media-type sfp
negotiation auto
router bgp zzzzzzz
no synchronization
bgp log-neighbor-changes
network xxxx mask xxxxx
network xxxx mask xxxx
network xxxx mask xxxxx
network xxxx mask xxxx
network xxxx mask xxxxx
network xxxx mask xxxx
redistribute connected
redistribute static
neighbor zzzzzzzz remote-as zzzzzzz
neighbor zzzzzzz password zzzzzzz
neighbor zzzzzz route-map Pipo out
no auto-summary
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 xxxxxxxxxxx
ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
ip route xxxxxxxx 255.255.0.0 xxxxxxxxxx
no ip http server
no ip http secure-server
ip flow-top-talkers
top 200
sort-by bytes
cache-timeout 5000
ip access-list extended bb
permit ip xxxx.xxxx.xx.0 0.0.1.255 any
ip access-list extended CACHE80
permit tcp xxxxxxx any eq www
ip access-list extended CACHE90
permit tcp any xxxxx.0 0.0.0.255
ip access-list extended pipo
permit ip xxxxx xxxxxxx any
permit ip xxxxx xxxxxxx any
ip access-list extended private
permit tcp 172.16.0.0 0.0.255.255 any eq www
permit ip 10.20.30.0 0.0.0.255 any
ip access-list extended telnet
permit ip xxxxxx xxxxxxx.255.255 any log
permit ip xxxx xxxxx 0.0.0.255 any log
ip prefix-list bb seq 5 permit xxxxx
ip prefix-list bbseq 10 permit xxxxxx
logging history size 500
no cdp run
route-map pipo permit 10
match ip address prefix-list pipo1
route-map pipo permit 20
match ip address prefix-list newsubnet
set metric 500
set origin incomplete
set as-path prepend xxxxxxxxx
route-map permit 10
match ip address prefix-list bibo
route-map CACHE-REDIRECT permit 10
match ip address private
set ip next-hop 1vvvvvv
route-map CACHE-REDIRECT permit 20
match ip address bibo e1
set ip next-hop vvvvvv
route-map CACHE-REDIRECT permit 30
match ip address pipo
set ip next-hop vvvvvvvvvv
route-map CACHE-REDIRECT permit 100
snmp-server community xxxxxx RO
control-plane
dial-peer cor custom
line con 0
password xxxxxxxx
logging synchronous
login
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 60 0
password xxxxxxxxxxxxxxxxx
logging synchronous
login local
endHi Vinay,
Please check the program. I have used the replace statement but it is not working.
IF NOT v_sap_bom_rec IS INITIAL.
Spliting the records at '~' delimiter
SPLIT v_sap_bom_rec AT c_del INTO wa_bom_file-model_name
wa_bom_file-product_code
wa_bom_file-description
wa_bom_file-product_type
wa_bom_file-mfg_part_num
wa_bom_file-mfg_part_desc.
REPLACE cl_abap_char_utilities=>horizontal_tab IN wa_bom_file-mfg_part_desc WITH space .
wa_bom_file-status = c_status.
APPEND wa_bom_file TO i_bom_file.
But it is not working.
Please help me..
Thanks
Neelima -
APEX Listener and EPG - strange behaviour
Hi
For some years, I've used EPG for APEX but have struggled with performance particularly as I can have up to 150 student developers using at any one time.
I do a fair amount of work using ORDImage and have successfully developed APEX applications to upload image files and display full-size and thumbnail images.
After upgrading to APEX 4.1 (from 4.0), I decided to install APEX Listener standalone.
Before I did so I checked that my applications still worked in 4.1 and they did.
However, just installing APEX Listener but not configuring it (yet) has meant that my image display in a report using a procedure based on wpg_docload.download_file( l_ordimage_image.source.localData ) no longer works in EPG - the images are not displayed.
Configuring APEX Listener and running the same application through that DOES display the images.
So this part of the application works under APEX Listener but not under EPG.
My application also allows users to upload images from APEX_APPLICATION_FILES using standard code. Under APEX Listener after uploading, I'm left with a blank page with a wwv_flow.accept URL although the image does indeed upload. Under EPG it works as expected and I get a success confirmation.
So this part of the application works under EPG but not under APEX Listener.
Has anyone else come across different behaviour depending on the mode of connection?
Thanks
Brian
[Oracle EE 11gR2, Windows Server 2008R2, APEX 4.1, APEX Listener 1.1.3]Hi Brian,
it sounds like you have both EPG and APEX Listener running on the same machine, so your problem might result from a port conflict. Note that both services use TCP port 8080 as default.
At least a port conflict would explain the strange behaviour in your case, some things working on one web server and some on the other.
Some parts of your initial post hint to that direction, e.g.
However, just installing APEX Listener but not configuring it (yet) has meant that my image display in a report using a procedure based on >wpg_docload.download_file( l_ordimage_image.source.localData ) no longer works in EPG - the images are not displayed.... because the APEX Listener only interfere with the EPG if it is at least running on the same machine as your database and furthermore, if it is unconfigured in terms of ist database connection, a port conflict might be the only way it could cause anything like that.
However, if you are sure that's not the issue, please check if you see any error in the APEX Listener's log for the following action you performed:
My application also allows users to upload images from APEX_APPLICATION_FILES using standard code. Under APEX Listener after uploading, I'm left with a blank >page with a wwv_flow.accept URL although the image does indeed uploadIf you actually see just a blank screen, something very bad must have happened and you should see some kind of stack trace there.
For further investigations, if necessary, it would be helpful to know how you deployed or started your APEX Listener and which JDK version you use.
For the moment, I still think the port conflict is my best guess.
You could avoid it by either changing the port for EPG (I'd not recommend that if you have other users still using it) or by changing the port for your APEX Listener.
-Udo -
Windows TCP Socket Buffer Hitting Plateau Too Early
Note: This is a repost of a ServerFault Question edited over the course of a few days, originally here: http://serverfault.com/questions/608060/windows-tcp-window-scaling-hitting-plateau-too-early
Scenario: We have a number of Windows clients regularly uploading large files (FTP/SVN/HTTP PUT/SCP) to Linux servers that are ~100-160ms away. We have 1Gbit/s synchronous bandwidth at the office and the servers are either AWS instances or physically hosted
in US DCs.
The initial report was that uploads to a new server instance were much slower than they could be. This bore out in testing and from multiple locations; clients were seeing stable 2-5Mbit/s to the host from their Windows systems.
I broke out iperf
-s on a an AWS instance and then from a Windows client in the office:
iperf
-c 1.2.3.4
[ 5] local 10.169.40.14 port 5001 connected with 1.2.3.4 port 55185
[ 5] 0.0-10.0 sec 6.55 MBytes 5.48 Mbits/sec
iperf
-w1M -c 1.2.3.4
[ 4] local 10.169.40.14 port 5001 connected with 1.2.3.4 port 55239
[ 4] 0.0-18.3 sec 196 MBytes 89.6 Mbits/sec
The latter figure can vary significantly on subsequent tests, (Vagaries of AWS) but is usually between 70 and 130Mbit/s which is more than enough for our needs. Wiresharking the session, I can see:
iperf
-c Windows SYN - Window 64kb, Scale 1 - Linux SYN, ACK: Window 14kb, Scale: 9 (*512)
iperf
-c -w1M Windows SYN - Windows 64kb, Scale 1 - Linux SYN, ACK: Window 14kb, Scale: 9
Clearly the link can sustain this high throughput, but I have to explicity set the window size to make any use of it, which most real world applications won't let me do. The TCP handshakes use the same starting points in each case, but the forced one scales
Conversely, from a Linux client on the same network a straight, iperf
-c (using the system default 85kb) gives me:
[ 5] local 10.169.40.14 port 5001 connected with 1.2.3.4 port 33263
[ 5] 0.0-10.8 sec 142 MBytes 110 Mbits/sec
Without any forcing, it scales as expected. This can't be something in the intervening hops or our local switches/routers and seems to affect Windows 7 and 8 clients alike. I've read lots of guides on auto-tuning, but these are typically about disabling scaling
altogether to work around bad terrible home networking kit.
Can anyone tell me what's happening here and give me a way of fixing it? (Preferably something I can stick in to the registry via GPO.)
Notes
The AWS Linux instance in question has the following kernel settings applied in sysctl.conf:
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.rmem_default = 1048576
net.core.wmem_default = 1048576
net.ipv4.tcp_rmem = 4096 1048576 16777216
net.ipv4.tcp_wmem = 4096 1048576 16777216
I've used dd
if=/dev/zero | nc redirecting to /dev/null at
the server end to rule out iperfand
remove any other possible bottlenecks, but the results are much the same. Tests with ncftp(Cygwin,
Native Windows, Linux) scale in much the same way as the above iperf tests on their respective platforms.
First fix attempts.
Enabling CTCP - This makes no difference; window scaling is identical. (If I understand this correctly, this setting increases the rate at which the congestion window is enlarged rather than the maximum size it can reach)
Enabling TCP timestamps. - No change here either.
Nagle's algorithm - That makes sense and at least it means I can probably ignore that particular blips in the graph as any indication of the problem.
pcap files: Zip file available here: https://www.dropbox.com/s/104qdysmk01lnf6/iperf-pcaps-10s-Win%2BLinux-2014-06-30.zip (Anonymised
with bittwiste, extracts to ~150MB as there's one from each OS client for comparison)
Second fix attempts.
I've enabled ctcp and disabled chimney offloading: TCP Global Parameters
Receive-Side Scaling State : enabled
Chimney Offload State : disabled
NetDMA State : enabled
Direct Cache Acess (DCA) : disabled
Receive Window Auto-Tuning Level : normal
Add-On Congestion Control Provider : ctcp
ECN Capability : disabled
RFC 1323 Timestamps : enabled
Initial RTO : 3000
Non Sack Rtt Resiliency : disabled
But sadly, no change in the throughput.
I do have a cause/effect question here, though: The graphs are of the RWIN value set in the server's ACKs to the client. With Windows clients, am I right in thinking that Linux isn't scaling this value beyond that low point because the client's limited CWIN
prevents even that buffer from being filled? Could there be some other reason that Linux is artificially limiting the RWIN?
Note: I've tried turning on ECN for the hell of it; but no change, there.
Third fix attempts.
No change following disabling heuristics and RWIN autotuning. Have updated the Intel network drivers to the latest (12.10.28.0) with software that exposes functioanlity tweaks viadevice manager tabs. The card is an 82579V Chipset on-board NIC - (I'm going to
do some more testing from clients with realtek or other vendors)
Focusing on the NIC for a moment, I've tried the following (Mostly just ruling out unlikely culprits):
Increase receive buffers to 2k from 256 and transmit buffers to 2k from 512 (Both now at maximum) - No change
Disabled all IP/TCP/UDP checksum offloading. - No change.
Disabled Large Send Offload - Nada.
Turned off IPv6, QoS scheduling - Nowt.
Further investigation
Trying to eliminate the Linux server side, I started up a Server 2012R2 instance and repeated the tests using iperf (cygwin
binary) and NTttcp.
With iperf,
I had to explicitly specify -w1m on both sides
before the connection would scale beyond ~5Mbit/s. (Incidentally, I could be checked and the BDP of ~5Mbits at 91ms latency is almost precisely 64kb. Spot the limit...)
The ntttcp binaries showed now such limitation. Using ntttcpr
-m 1,0,1.2.3.5 on the server and ntttcp
-s -m 1,0,1.2.3.5 -t 10 on the client, I can see much better throughput:
Copyright Version 5.28
Network activity progressing...
Thread Time(s) Throughput(KB/s) Avg B / Compl
====== ======= ================ =============
0 9.990 8155.355 65536.000
##### Totals: #####
Bytes(MEG) realtime(s) Avg Frame Size Throughput(MB/s)
================ =========== ============== ================
79.562500 10.001 1442.556 7.955
Throughput(Buffers/s) Cycles/Byte Buffers
===================== =========== =============
127.287 308.256 1273.000
DPCs(count/s) Pkts(num/DPC) Intr(count/s) Pkts(num/intr)
============= ============= =============== ==============
1868.713 0.785 9336.366 0.157
Packets Sent Packets Received Retransmits Errors Avg. CPU %
============ ================ =========== ====== ==========
57833 14664 0 0 9.476
8MB/s puts it up at the levels I was getting with explicitly large windows in iperf.
Oddly, though, 80MB in 1273 buffers = a 64kB buffer again. A further wireshark shows a good, variable RWIN coming back from the server (Scale factor 256) that the client seems to fulfil; so perhaps ntttcp is misreporting the send window.
Further PCAP files have been provided, here:https://www.dropbox.com/s/dtlvy1vi46x75it/iperf%2Bntttcp%2Bftp-pcaps-2014-07-03.zip
Two more iperfs,
both from Windows to the same Linux server as before (1.2.3.4): One with a 128k Socket size and default 64k window (restricts to ~5Mbit/s again) and one with a 1MB send window and default 8kb socket size. (scales higher)
One ntttcp trace
from the same Windows client to a Server 2012R2 EC2 instance (1.2.3.5). here, the throughput scales well. Note: NTttcp does something odd on port 6001 before it opens the test connection. Not sure what's happening there.
One FTP data trace, uploading 20MB of /dev/urandom to
a near identical linux host (1.2.3.6) using Cygwin ncftp.
Again the limit is there. The pattern is much the same using Windows Filezilla.
Changing the iperf buffer
length does make the expected difference to the time sequence graph (much more vertical sections), but the actual throughput is unchanged.
So we have a final question through all of this: Where is this limitation creeping in? If we simply have user-space software not written to take advantage of Long Fat Networks, can anything be done in the OS to improve the situation?Hi,
Thanks for posting in Microsoft TechNet forums.
I will try to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.
Thank you for your understanding and support.
Kate Li
TechNet Community Support -
Router Dead , when i applied QOS on virtual-temp interface for vpn !!
hi all ,
i have a simple brief topology below :
PSTN======(R1-7206)>F1=======F2>(R2-7604 catalyst)>>>F1=========Internet
i have two router
R2========>MLS 7604
R1======>cisco 7204
on R2 , Im doing matching to QOS by dscp , im matching acls ips from internet with dscp values :
here is CONFIG for matching :
Gateway7600#sh policy-map LLQX
Policy Map LLQX
Class YOUTUBE
set ip dscp af43
Class FACEBOOKVIDEOS
set ip dscp af33
Class HTTP
set dscp af23
Class DNSQOS
set dscp af13
Class class-default
set ip dscp af11
================
Gateway7600#sh class-map
Class Map match-all FACEBOOKVIDEOS (id 7)
Match access-group name facebookvideos
Class Map match-all DNSQOS (id 8)
Match access-group name dnsqos
Class Map match-all HTTP (id 6)
Match access-group name browsing
Class Map match-any class-default (id 0)
Match any
Class Map match-all YOUTUBE (id 5)
Match access-group name youtube
Gateway7600#
=========================================================
on this router i applied this policy map on interfaxce F1 in direction
and here matching is well :
Gateway7600#sh policy-map interface gigabitEthernet 1/5 in
GigabitEthernet1/5
Service-policy input: LLQX
class-map: rate-limit (match-all)
Match: access-group name rate-limit
police :
4088000 bps 384000 limit 384000 extended limit
Earl in slot 1 :
139044930 bytes
30 second offered rate 143032 bps
aggregate-forwarded 134420937 bytes action: transmit
exceeded 4623993 bytes action: drop
aggregate-forward 22544 bps exceed 0 bps
class-map: YOUTUBE (match-all)
Match: access-group name youtube
set dscp 38:
Earl in slot 1 :
132693939697 bytes
30 second offered rate 212144928 bps
aggregate-forwarded 132693939697 bytes
class-map: FACEBOOKVIDEOS (match-all)
Match: access-group name facebookvideos
set dscp 30:
Earl in slot 1 :
10726758352 bytes
30 second offered rate 20682720 bps
aggregate-forwarded 10726758352 bytes
class-map: HTTP (match-all)
Match: access-group name browsing
set dscp 22:
Earl in slot 1 :
56874058537 bytes
30 second offered rate 92669832 bps
aggregate-forwarded 56874058537 bytes
class-map: DNSQOS (match-all)
Match: access-group name dnsqos
set dscp 14:
Earl in slot 1 :
160308954 bytes
30 second offered rate 303552 bps
aggregate-forwarded 160308954 bytes
class-map: class-default (match-any)
Match: any
set dscp 10:
Earl in slot 1 :
67394864030 bytes
30 second offered rate 126884864 bps
aggregate-forwarded 67394864030 bytes
=================================================================================
now the problem is below
on router 7200 , it is LNS router connected with LAC roiuter for ADSL customers.
now here is config of policy map on 7200 router:
R11#sh policy-map
Policy Map MATCH_MARKS
Class MATCH_YOUTUBE
bandwidth 220000 (kbps)
Class MATCH_FACEBOOKVIDEOS
bandwidth 20000 (kbps)
Class MATCH_HTTP
bandwidth 100000 (kbps)
=========================================================
R1#sh class-map
Class Map match-all MATCH_FACEBOOKVIDEOS (id 2)
Match ip dscp af33 (30)
Class Map match-all MATCH_HTTP (id 3)
Match ip dscp af23 (22)
Class Map match-any class-default (id 0)
Match any
Class Map match-all MATCH_YOUTUBE (id 1)
Match ip dscp af43 (38)
==========================================================
here is virtual-template interface before i apply the QOS
R1#sh running-config interface virtual-template 1
Building configuration...
Current configuration : 352 bytes
interface Virtual-Template1
bandwidth 1000000
ip unnumbered Loopback0
ip tcp adjust-mss 1412
ip policy route-map private
no logging event link-status
qos pre-classify
peer default ip address pool bitsead1 bitsead2
ppp mtu adaptive
ppp authentication pap vpdn
ppp authorization vpdn
ppp accounting vpdn
max-reserved-bandwidth 90
end
=========================================
when i apply the command
(service-poliy output MATCH_MAKRS ) under virtual-template interface i have console logs :
Insufficient bandwidth 149760 kbps for the bandwidth guarantee (220000)
Insufficient bandwidth 149760 kbps for the bandwidth guarantee (220000)
Insufficient bandwidth 149760 kbps for the bandwidth guarantee (220000)
also i have
*Jul 9 22:28:38.242: Interface Virtual-Access2551 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 9 22:28:38.250: Interface Virtual-Access627 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 9 22:28:38.258: Interface Virtual-Access786 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 9 22:28:38.266: Interface Virtual-Access623 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 9 22:28:38.274: Interface Virtual-Access2559 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 9 22:28:38.282: Interface Virtual-Access2281 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 9 22:28:38.290: Interface Virtual-Access142 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 9 22:28:40.262: %SYS-2-INTSCHED: 'suspend' at level 3 -Process= "VTEMPLATE Background Mgr", ipl= 3, pid= 278, -Traceback= 0x756FF0z 0x3439C58z 0x2778D70z 0x2CACCD0z 0x2CC63E0z 0x2CC7FF8z 0x2CADC74z 0x2CBE058z 0x2CA0340z 0x2CA04F8z 0x2E0BB18z 0x2D23378z 0x2D1825Cz 0x2D18738z 0x2E66FE0z 0x2D971ACz
*Jul 9 22:28:40.262: %SYS-2-INTSCHED: 'suspend' at level 3 -Process= "VTEMPLATE Background Mgr", ipl= 3, pid= 278, -Traceback= 0x756FF0z 0x3439C58z 0x2778D70z 0x2CACD28z 0x2CC63E0z 0x2CC7FF8z 0x2CADC74z 0x2CBE058z 0x2CA0340z 0x2CA04F8z 0x2E0BB18z 0x2D23378z 0x2D1825Cz 0x2D18738z 0x2E66FE0z 0x2D971ACz
after i apply it ,
the cpu is 100 % and the router got down !!!
now
what is the problem ????
here is ios for 7200 router
R1#sh version
Cisco IOS Software, 7200 Software (C7200P-ADVENTERPRISEK9-M), Version 12.4(24)T7, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Tue 28-Feb-12 12:53 by prod_rel_team
ROM: System Bootstrap, Version 12.4(12.2r)T, RELEASE SOFTWARE (fc1)
Bras1 uptime is 13 weeks, 1 day, 9 hours, 24 minutes
System returned to ROM by reload at 16:24:51 GMT+3 Tue Jun 17 2003
System image file is "disk2:c7200p-adventerprisek9-mz.124-24.T7.bin"
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco 7206VXR (NPE-G2) processor (revision A) with 917504K/65536K bytes of memory.
Processor board ID 36858624
MPC7448 CPU at 1666Mhz, Implementation 0, Rev 2.2
6 slot VXR midplane, Version 2.11
Last reset from power-on
PCI bus mb1 (Slots 1, 3 and 5) has a capacity of 600 bandwidth points.
Current configuration on bus mb1 has a total of 0 bandwidth points.
This configuration is within the PCI bus capacity and is supported.
PCI bus mb2 (Slots 2, 4 and 6) has a capacity of 600 bandwidth points.
Current configuration on bus mb2 has a total of 0 bandwidth points.
This configuration is within the PCI bus capacity and is supported.
Please refer to the following document "Cisco 7200 Series Port Adaptor
Hardware Configuration Guidelines" on Cisco.com <http://www.cisco.com>
for c7200 bandwidth points oversubscription and usage guidelines.
1 FastEthernet interface
3 Gigabit Ethernet interfaces
2045K bytes of NVRAM.
250880K bytes of ATA PCMCIA card at slot 2 (Sector size 512 bytes).
65536K bytes of Flash internal SIMM (Sector size 512K).
Configuration register is 0x2102
==============================================================================
wish to Help ASAP
regardshi ,
i did
the same issue ,
i did a TEST policymap that has 30 percent gurantee
but the same result!!!!!!!!!!!!!!!!
the router god down agian !
here is logs :
take effect on the queueing features configured via service-policy
*Jul 11 02:40:33.605: Interface Virtual-Access1896 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:33.797: Interface Virtual-Access1317 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:33.809: Interface Virtual-Access993 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:33.817: Interface Virtual-Access1699 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:33.981: Interface Virtual-Access254 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:33.993: Interface Virtual-Access687 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.001: Interface Virtual-Access35 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.009: Interface Virtual-Access160 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.017: Interface Virtual-Access1337 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.029: Interface Virtual-Access1670 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.037: Interface Virtual-Access1948 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.049: Interface Virtual-Access1669 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.109: Interface Virtual-Access1334 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.117: Interface Virtual-Access151 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.125: Interface Virtual-Access761 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.137: Interface Virtual-Access810 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.197: Interface Virtual-Access1522 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.237: Interface Virtual-Access1692 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.257: Interface Virtual-Access368 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.305: Interface Virtual-Access1758 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.317: Interface Virtual-Access2061 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.325: Interface Virtual-Access1203 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.337: Interface Virtual-Access188 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.345: Interface Virtual-Access1975 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.357: Interface Virtual-Access1172 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.509: Interface Virtual-Access1647 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.517: Interface Virtual-Access458 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.609: Interface Virtual-Access608 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.621: Interface Virtual-Access2128 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.633: Interface Virtual-Access1167 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.641: Interface Virtual-Access487 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.653: Interface Virtual-Access1793 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.665: Interface Virtual-Access2280 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.769: Interface Virtual-Access839 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.781: Interface Virtual-Access2311 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.793: Interface Virtual-Access1788 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.857: Interface Virtual-Access8 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.869: Interface Virtual-Access2243 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:34.881: Interface Virtual-Access580 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:35.057: Interface Virtual-Access6 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:35.065: Interface Virtual-Access1331 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:35.077: Interface Virtual-Access1235 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:35.177: Interface Virtual-Access1748 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:35.189: Interface Virtual-Access2262 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
*Jul 11 02:40:35.205: Interface Virtual-Access2136 max_reserved_bandwidth config will not
take effect on the queueing features configured via service-policy
i want to ask a question , could this be from IOS ???? -
QoS: Multiple acl entries cannot be used in match-any in class Match_XY
Hello All,
I'm getting below error while trying to add the two extended ACL in the class-map for classifying the traffic. Is there any way I can add two extenteded ACL in the same class-map for classifying the traffic.
Error log: "QoS: Multiple acl entries cannot be used in match-any in class Tag_AF13"
device details: cisco WS-C6506-E with Supervisor Engine 2T
IOS version -s2t54-adventerprisek9-mz.SPA.150-1.SY1.bin
R1(config)#class-map match-any Tag_AF13
#match access-group name XX
#match access-group name XY
QoS: Multiple acl entries cannot be used in match-any in class Tag_AF13
Regards,
ThiyaguHi Rajan,
Thats because of the logic used for ACl operations, as per your config you are class-map match-any. The match any argument says that the class map must match either of the two arguments supplied.So lets take a look at how the sequence of operations of how this will be interpreted by your class map.
1> Any particular packet will be first matched against the first ACL "XX".
2> Suppose there are 10 entries there if it matches any of those entries the appropriate action will be talen.
3> If none of those entried match the packet there will be an implicit deny at the end of the ACL( default behaviour of ACL's)
4> In that case the packet will match the implicit deny and will get dropped.
5> The packet will under no circumstances go to the next ACL "XY"
Thats the reason multiple ACL's aren't allowed by the IOS.
You can try to collate both ACL's and put them in just one ACL that should work well. If you need help please pots both the ACL's.
Please do let me know if you have any further questions
HTH
Regards
Umesh -
Hello, I have 2 Cisco Aironet 1300 Bridges which provide data and voice communication between 2 buildings. Up until recently QoS has not been needed, but lately there appears to be congestion due to reports of poor voice quality. Building A houses a V3000 NBX Telephone system, Building B houses approximately 30 remote IP phones. Building A and Building B are approximately 100 yards apart. No VLAN's. Due to myself being an extreme noob to Cisco bridges, I was hoping some of you may have had experience in setting this up and hopefully provide some tips. I need to prioritize traffic on UDP ports 2093-2096 and TCP port 1040. Thank you in advance for any suggestions. My current running config is below:
Using 1283 out of 32768 bytes
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname LHS-WeightRoom-WCV
ip subnet-zero
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
dot11 ssid wcv
authentication open
guest-mode
dot11 ssid wcvcisco
authentication open
infrastructure-ssid optional
username root privilege 15 password 7 0247335A05320A2244
username Cisco privilege 15 password 7 074E164D403D1C061F
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
ssid wcv
ssid wcvcisco
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
station-role root bridge
bridge-group 1
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
bridge-group 1
bridge-group 1 spanning-disabled
hold-queue 80 in
interface BVI1
ip address 10.141.8.6 255.255.254.0
no ip route-cache
ip default-gateway 10.141.8.5
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
control-plane
bridge 1 route ip
line con 0
line vty 0 4
endHere is the URL for the configuration of Cisco Aironet 1300 QoS. Follow the guide it may help you
http://www.cisco.com/en/US/docs/wireless/access_point/1300/12.3_4_JA/configuration/guide/o13qos.html -
TCP/IP instabilities in LabVIEW?
I'm just beginning to work with TCP/IP in LabVIEW and I'm hitting some problems. As usual the hardest part is knowing what questions to ask.
Background: Essentially, we have a PC (Windows 7) running LabVIEW (2011), communicating with a Staubli CS8 robot controller. The code on the controller is written using Staubli's native VAL3 development environment. It's set up so that we send it pre-defined command strings via TCP/IP. The robot performs the command and when it reaches its destination it sends a response string.
If I use Putty to send the strings via command line, everything works fine, and I get the response string expected loud and clear afte the robot has performed its task. If I use LabVIEW, however, using code based on the TCP 'active' and 'passive' example functions, I get communication most of the time, but occasionally the system hangs.
The robot almost always get the movement command - this is obvious as it starts moving. The problem seems to be more to do with the fact that the 'listening' portion of the LabVIEW code seems to be occasionally missing the string sent back to the PC, and the listen loop then runs indefinitely, thereby causing the system to hang.
Using timeouts as a quick fix is out as the robot speed can be varied, therefore there is no way to know exactly when the robot is going to send back its message to the PC (although it's always going to be on the order of seconds).
So my initial questions are:
1.) Is a degree of instability normal in communications using TCP/IP?
2.) Why does LabVIEW appear to be less stable than Putty?
3.) Does anybody have TCP example VIs that I can contrast with the two examples that ship with LabVIEW?I can only support Julianne's statements. I have done quite a few intensive network communication libraries and projects and don't see instabilities as you describe them, if the LabVIEW part is programmed correctly. Network communication I have done include both TCP/IP and UDP based protocols and also binary and ASCII style variants of those.
Network programming is different than other LabVIEW programming in several ways. You have to be prepared that network functions can return errors for many reasons, and that some of them should be ignored, some of them indicate to retry the operation, and some require you to close and reopen the connection. Which error means what, is the biggest part of the magic about network programming and there are no definitive rules about this, as it can depend on the used protocol, the particular implementation of the remote side and sometimes other factors you need to figure out.
With some experience you learn to program fault tolerant network communication, that can work with different implementation specific behaviour of the remote side but this stage can sometimes feel a bit like magic and the only way to get it to work right is usually by trial and error, and some logical thinking about what the different network layers are supposed to do.
Rolf Kalbermatter
CIT Engineering Netherlands
a division of Test & Measurement Solutions
Maybe you are looking for
-
probably asked and answered a million times but laptop died and my boyfriend and i are now sharing a computer when i went to back up my contacts i ended up with all of his? Is there a way to get them off without deleting each one? Also how do i preve
-
If I changed my Apple ID password on my iphone then log into itunes on my phone with that new password, would it automatically sync to my laptop or would i need to put the new password into my laptop also? My laptop got stolen so I changed my passwor
-
How to call MSSQL stored procedure from oracle database
MSSQL and Oracle databases are linked thru ODBC link using Oracle HSODBC. I can query MSSQL table or view from Oracle Database using standard notation for acessing remote objects schema.object@dblink_name... Can anybody give me syntax for calling MSS
-
CFQuery with an IN statement (how do you do it)
I have a <cfquery> SQL statement with a 'where in ( )' clause but quotedValueList can't handle values greater than 1000, so, how do you do it? Now, I can't just stick the first query into the second query to make it work. The first query is more comp
-
Display a query with multiple results and a little addon :D
Hello everybody, I wanna make a JSP page that displays multiple results from a query. I wanna those results to appair in a table, a row each one, and also a little "square radio form buttton" that makes me select rows I wanna delete (with another but