Solved

Cisco 7500 performance query

Posted on 2001-07-20
8
442 Views
Last Modified: 2008-03-17
Hi all,
I'm doing some performance testing with a Cisco 7500 and an Accelar 8600 with some very disappointing results.
I have a Smartbits 2000 data generator connected to the Ethernet ports on both devices and they are in turn connected via a STM-1 POS link (155 Mbps).
Transmitting traffic from SMB-Accelar-Cisco-SMB isn't too bad, however, when I try the reverse, SMB-Cisco-Accelar-SMB, if I try and send any more than a burst of a few hundred packets they can take up to a few minutes before all packets are received by the accelar and the Cisco IOS seems to hang while it's processing the traffic.
Could there be some misconfiguration on the Cisco machine or is the performance really this bad?
I know the 7500 is a router but I'm trying to use it as a bridge/switch to just forward the packets out all port members of the default vlan.
Any ideas or previous experience with this appreciated.
Thanks
Scott
0
Comment
Question by:scott01
8 Comments
 
LVL 4

Expert Comment

by:jwalsh88
Comment Utility
Why don't you start by posting the config from the 7500 and if you want to change any public information on it.
0
 

Author Comment

by:scott01
Comment Utility
Sorry,
Should have posted it originally
Thanks
Scott

CISCO#show run
Building configuration...

Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CISCO
!
enable secret 5 $1$fF.l$634zwJXEx3i/tM4UQGTtA/
enable password password
!
!
!
!
!
ip subnet-zero
ip ftp source-interface FastEthernet1/0/0
ip ftp username stephe
ip ftp password teather
!
ip cef
cns event-service server
bridge irb
!
!
process-max-time 200
!
interface FastEthernet0/0/0
 ip address <Cisco IP> 255.255.255.240
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 3
!
interface FastEthernet0/1/0
 ip address 10.1.1.1 255.255.255.240
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 1
!
interface FastEthernet0/1/0.2
 encapsulation dot1Q 2
 no ip directed-broadcast
!
interface FastEthernet0/1/0.3
 encapsulation dot1Q 3
 no ip directed-broadcast
!
interface FastEthernet1/0/0
 no ip address
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 1
!
interface FastEthernet1/0/0.2
 encapsulation dot1Q 2
 no ip directed-broadcast
!
interface FastEthernet1/1/0
 ip address 10.2.1.1 255.255.255.240
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 1
!
interface FastEthernet1/1/0.2
 encapsulation dot1Q 3
 no ip directed-broadcast
!
interface POS4/0/0
 bandwidth 10000000
 no ip address
 no ip directed-broadcast
 encapsulation ppp
 no ip route-cache distributed
 no ip mroute-cache
 pos framing sdh
 pos scramble-atm
 pos flag s1s0 2
 bridge-group 1
!
interface POS5/0/0
 no ip address
 no ip directed-broadcast
 encapsulation ppp
 no ip route-cache distributed
 no ip mroute-cache
 pos framing sdh
 pos flag s1s0 2
 bridge-group 1
!
router rip
 network 10.0.0.0
!
ip classless
ip route <Private IP> 255.0.0.0 <Private IP> 2
no ip http server
!
!
bridge 1 protocol ieee
bridge 1 aging-time 10
bridge 2 protocol ieee
bridge 3 protocol ieee
!
line con 0
 exec-timeout 0 0
 transport input none
line aux 0
line vty 0 4
 password vtpassword
 login
!
end
0
 

Author Comment

by:scott01
Comment Utility
Sorry,
Should have posted it originally
Thanks
Scott

CISCO#show run
Building configuration...

Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname CISCO
!
enable secret 5 $1$fF.l$634zwJXEx3i/tM4UQGTtA/
enable password password
!
!
!
!
!
ip subnet-zero
ip ftp source-interface FastEthernet1/0/0
ip ftp username stephe
ip ftp password teather
!
ip cef
cns event-service server
bridge irb
!
!
process-max-time 200
!
interface FastEthernet0/0/0
 ip address <Cisco IP> 255.255.255.240
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 3
!
interface FastEthernet0/1/0
 ip address 10.1.1.1 255.255.255.240
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 1
!
interface FastEthernet0/1/0.2
 encapsulation dot1Q 2
 no ip directed-broadcast
!
interface FastEthernet0/1/0.3
 encapsulation dot1Q 3
 no ip directed-broadcast
!
interface FastEthernet1/0/0
 no ip address
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 1
!
interface FastEthernet1/0/0.2
 encapsulation dot1Q 2
 no ip directed-broadcast
!
interface FastEthernet1/1/0
 ip address 10.2.1.1 255.255.255.240
 no ip directed-broadcast
 no ip route-cache distributed
 no ip mroute-cache
 full-duplex
 bridge-group 1
!
interface FastEthernet1/1/0.2
 encapsulation dot1Q 3
 no ip directed-broadcast
!
interface POS4/0/0
 bandwidth 10000000
 no ip address
 no ip directed-broadcast
 encapsulation ppp
 no ip route-cache distributed
 no ip mroute-cache
 pos framing sdh
 pos scramble-atm
 pos flag s1s0 2
 bridge-group 1
!
interface POS5/0/0
 no ip address
 no ip directed-broadcast
 encapsulation ppp
 no ip route-cache distributed
 no ip mroute-cache
 pos framing sdh
 pos flag s1s0 2
 bridge-group 1
!
router rip
 network 10.0.0.0
!
ip classless
ip route <Private IP> 255.0.0.0 <Private IP> 2
no ip http server
!
!
bridge 1 protocol ieee
bridge 1 aging-time 10
bridge 2 protocol ieee
bridge 3 protocol ieee
!
line con 0
 exec-timeout 0 0
 transport input none
line aux 0
line vty 0 4
 password vtpassword
 login
!
end
0
 
LVL 1

Expert Comment

by:asarluhi
Comment Utility
So you're trying to connect a your smartbits via an FE port to the Accelar, a POS port from Accelar to the Cisco and then another ethernet back to the smartbits?  

The L2/L3 picture here is kind of murky.  Are you trying to make the SB ports send IP packets to each other (e.g. the two ports have IP addresses in different subnets and you're using the Accelar as a L3 device) or are you trying to make both devices act as a bridge and simply passing traffic at L2 (e.g. one smartbits MAC address to another)?

Your use of IRB suggests that you're trying to do this with IP.  IRB is, incidentally, not known as one of the faster feature sets within IOS (...which is why its use has been largely superceded by other technologies in many environments).  The ideal performance of that box is going to be found only when you're letting it be a router (e.g. L3 function only).  

Still, if you're dead-set on using IRB, you probably ought to remove all of the IP addresses from the interfaces associated with bridge-group 1 and set up a BVI (check out http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ibm_c/bcprt1/bcdtb.htm#1041948 for details) I'm not sure if this is specifically the problem, but it could be confusing the issue.  

Good luck-
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:scott01
Comment Utility
Thanks,
I'm trying to use bothe devices purely as L2 bridges to just forward the packets based on the MAC addresses, and had thought that maybe the Cisco box was trying to process the packets too much.  I have no necessary requiremnet to use IRB, that was just the way the box was configured when I received it.  Is there some way I can make it act purely as a bridge with no routing involved?
I had tried previously with no ip addresses configured on any of the interfaces I was using, but some of the others in that group may have had, could that cause me problems?

Thanks again
Scott
0
 
LVL 1

Accepted Solution

by:
asarluhi earned 100 total points
Comment Utility
If you'd like the 7500 to be purely a L2 device, you could simply remove the IP addresses, disable IP routing on the box (issue "no ip routing" as a global command) and put a bridge-group command on the interfaces you're interested in bridging (the FE and the POS in this case).  There will be no need for the "bridge irb" statement either.

With those sorts of commands entered, you'll have a very expensive pure L2 device.  For future reference, the usual behavior of IOS devices running bridging and routing is to only bridge packets that can't be routed (e.g. protocols that aren't set up on the box, or on the specific interfaces).  Features like IRB or CRB allow the administrator to override this behavior to a certain degree - forcing the box to both bridge *and* route based on specific rules.

Even with this pure L2 configuration I wouldn't look to the 7500 to be doing anything fantastic performance-wise.  It was never a very gifted bridge - or, at any rate, at the time when people cared about bridging, there wasn't usually a requirement to fill OC3 and FE interfaces!  <grin>

Good luck-
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility

This question appears to be abandoned. I will allow one week before I close this question
with the following recommendation:

- points to asarluhi

if there is any objection to this recommendation then please post it here within 7 days.

thanks,

lrmoore@nw
EE Cleanup Volunteer
0
 

Expert Comment

by:SpideyMod
Comment Utility
per recommendation

SpideyMod
Community Support Moderator @Experts Exchange
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

Suggested Solutions

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now