• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 462
  • Last Modified:

Cisco 7500 performance query

Hi all,
I'm doing some performance testing with a Cisco 7500 and an Accelar 8600 with some very disappointing results.
I have a Smartbits 2000 data generator connected to the Ethernet ports on both devices and they are in turn connected via a STM-1 POS link (155 Mbps).
Transmitting traffic from SMB-Accelar-Cisco-SMB isn't too bad, however, when I try the reverse, SMB-Cisco-Accelar-SMB, if I try and send any more than a burst of a few hundred packets they can take up to a few minutes before all packets are received by the accelar and the Cisco IOS seems to hang while it's processing the traffic.
Could there be some misconfiguration on the Cisco machine or is the performance really this bad?
I know the 7500 is a router but I'm trying to use it as a bridge/switch to just forward the packets out all port members of the default vlan.
Any ideas or previous experience with this appreciated.
Thanks
Scott
0
scott01
Asked:
scott01
1 Solution
 
jwalsh88Commented:
Why don't you start by posting the config from the 7500 and if you want to change any public information on it.
0
 
scott01Author Commented:
Sorry,
Should have posted it originally
Thanks
Scott

CISCO#show run
Building configuration...

Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CISCO
!
enable secret 5 $1$fF.l$634zwJXEx3i/tM4UQGTtA/
enable password password
!
!
!
!
!
ip subnet-zero
ip ftp source-interface FastEthernet1/0/0
ip ftp username stephe
ip ftp password teather
!
ip cef
cns event-service server
bridge irb
!
!
process-max-time 200
!
interface FastEthernet0/0/0
 ip address <Cisco IP> 255.255.255.240
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 3
!
interface FastEthernet0/1/0
 ip address 10.1.1.1 255.255.255.240
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 1
!
interface FastEthernet0/1/0.2
 encapsulation dot1Q 2
 no ip directed-broadcast
!
interface FastEthernet0/1/0.3
 encapsulation dot1Q 3
 no ip directed-broadcast
!
interface FastEthernet1/0/0
 no ip address
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 1
!
interface FastEthernet1/0/0.2
 encapsulation dot1Q 2
 no ip directed-broadcast
!
interface FastEthernet1/1/0
 ip address 10.2.1.1 255.255.255.240
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 1
!
interface FastEthernet1/1/0.2
 encapsulation dot1Q 3
 no ip directed-broadcast
!
interface POS4/0/0
 bandwidth 10000000
 no ip address
 no ip directed-broadcast
 encapsulation ppp
 no ip route-cache distributed
 no ip mroute-cache
 pos framing sdh
 pos scramble-atm
 pos flag s1s0 2
 bridge-group 1
!
interface POS5/0/0
 no ip address
 no ip directed-broadcast
 encapsulation ppp
 no ip route-cache distributed
 no ip mroute-cache
 pos framing sdh
 pos flag s1s0 2
 bridge-group 1
!
router rip
 network 10.0.0.0
!
ip classless
ip route <Private IP> 255.0.0.0 <Private IP> 2
no ip http server
!
!
bridge 1 protocol ieee
bridge 1 aging-time 10
bridge 2 protocol ieee
bridge 3 protocol ieee
!
line con 0
 exec-timeout 0 0
 transport input none
line aux 0
line vty 0 4
 password vtpassword
 login
!
end
0
 
scott01Author Commented:
Sorry,
Should have posted it originally
Thanks
Scott

CISCO#show run
Building configuration...

Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CISCO
!
enable secret 5 $1$fF.l$634zwJXEx3i/tM4UQGTtA/
enable password password
!
!
!
!
!
ip subnet-zero
ip ftp source-interface FastEthernet1/0/0
ip ftp username stephe
ip ftp password teather
!
ip cef
cns event-service server
bridge irb
!
!
process-max-time 200
!
interface FastEthernet0/0/0
 ip address <Cisco IP> 255.255.255.240
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 3
!
interface FastEthernet0/1/0
 ip address 10.1.1.1 255.255.255.240
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 1
!
interface FastEthernet0/1/0.2
 encapsulation dot1Q 2
 no ip directed-broadcast
!
interface FastEthernet0/1/0.3
 encapsulation dot1Q 3
 no ip directed-broadcast
!
interface FastEthernet1/0/0
 no ip address
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 1
!
interface FastEthernet1/0/0.2
 encapsulation dot1Q 2
 no ip directed-broadcast
!
interface FastEthernet1/1/0
 ip address 10.2.1.1 255.255.255.240
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 1
!
interface FastEthernet1/1/0.2
 encapsulation dot1Q 3
 no ip directed-broadcast
!
interface POS4/0/0
 bandwidth 10000000
 no ip address
 no ip directed-broadcast
 encapsulation ppp
 no ip route-cache distributed
 no ip mroute-cache
 pos framing sdh
 pos scramble-atm
 pos flag s1s0 2
 bridge-group 1
!
interface POS5/0/0
 no ip address
 no ip directed-broadcast
 encapsulation ppp
 no ip route-cache distributed
 no ip mroute-cache
 pos framing sdh
 pos flag s1s0 2
 bridge-group 1
!
router rip
 network 10.0.0.0
!
ip classless
ip route <Private IP> 255.0.0.0 <Private IP> 2
no ip http server
!
!
bridge 1 protocol ieee
bridge 1 aging-time 10
bridge 2 protocol ieee
bridge 3 protocol ieee
!
line con 0
 exec-timeout 0 0
 transport input none
line aux 0
line vty 0 4
 password vtpassword
 login
!
end
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
asarluhiCommented:
So you're trying to connect a your smartbits via an FE port to the Accelar, a POS port from Accelar to the Cisco and then another ethernet back to the smartbits?  

The L2/L3 picture here is kind of murky.  Are you trying to make the SB ports send IP packets to each other (e.g. the two ports have IP addresses in different subnets and you're using the Accelar as a L3 device) or are you trying to make both devices act as a bridge and simply passing traffic at L2 (e.g. one smartbits MAC address to another)?

Your use of IRB suggests that you're trying to do this with IP.  IRB is, incidentally, not known as one of the faster feature sets within IOS (...which is why its use has been largely superceded by other technologies in many environments).  The ideal performance of that box is going to be found only when you're letting it be a router (e.g. L3 function only).  

Still, if you're dead-set on using IRB, you probably ought to remove all of the IP addresses from the interfaces associated with bridge-group 1 and set up a BVI (check out http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_c/bcprt1/bcdtb.htm#1041948 for details) I'm not sure if this is specifically the problem, but it could be confusing the issue.  

Good luck-
0
 
scott01Author Commented:
Thanks,
I'm trying to use bothe devices purely as L2 bridges to just forward the packets based on the MAC addresses, and had thought that maybe the Cisco box was trying to process the packets too much.  I have no necessary requiremnet to use IRB, that was just the way the box was configured when I received it.  Is there some way I can make it act purely as a bridge with no routing involved?
I had tried previously with no ip addresses configured on any of the interfaces I was using, but some of the others in that group may have had, could that cause me problems?

Thanks again
Scott
0
 
asarluhiCommented:
If you'd like the 7500 to be purely a L2 device, you could simply remove the IP addresses, disable IP routing on the box (issue "no ip routing" as a global command) and put a bridge-group command on the interfaces you're interested in bridging (the FE and the POS in this case).  There will be no need for the "bridge irb" statement either.

With those sorts of commands entered, you'll have a very expensive pure L2 device.  For future reference, the usual behavior of IOS devices running bridging and routing is to only bridge packets that can't be routed (e.g. protocols that aren't set up on the box, or on the specific interfaces).  Features like IRB or CRB allow the administrator to override this behavior to a certain degree - forcing the box to both bridge *and* route based on specific rules.

Even with this pure L2 configuration I wouldn't look to the 7500 to be doing anything fantastic performance-wise.  It was never a very gifted bridge - or, at any rate, at the time when people cared about bridging, there wasn't usually a requirement to fill OC3 and FE interfaces!  <grin>

Good luck-
0
 
lrmooreCommented:

This question appears to be abandoned. I will allow one week before I close this question
with the following recommendation:

- points to asarluhi

if there is any objection to this recommendation then please post it here within 7 days.

thanks,

lrmoore@nw
EE Cleanup Volunteer
0
 
SpideyModCommented:
per recommendation

SpideyMod
Community Support Moderator @Experts Exchange
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now