Link to home
Start Free TrialLog in
Avatar of JustinBMak
JustinBMak

asked on

Slow Throughput - Cisco 3850

EE Folks:

I have just set up a fresh install of two Cisco 3850's. My client the following:

1 - Sonicwall NSA220
2 - Cisco 3850's (linked in the back of the switch)

Internet is 100 Mb down / 100 Mb up fiber

When I run a speed test from my Mac Book Pro (15" - 2013 Model Retina) through the switch connected via Thunderbolt -> Ethernet adapter - I get about 6Mb down and about 8Mb up.

When I unplug my cable and plug in directly to the sonicwall, I get about 98Mp down / 96Mb up.

So I plugged back in to the Cisco ad do another speed test, same server, same everything and then it goes back to 6Mb (or so) down and 8Mb up (or so).

So I am lost, can someone direct me where or what needs to change on the Cisco since clearly the Cisco is limiting throughput for some reason. Also, I have checked counters, no collisions, packet loss, etc. Everything is 100%

I have set speed/duplex to auto/auto, 100/auto, 100/full both for my Mac and the Sonicwall. Regardless, when I bypass the Cisco, I get throttled.

I have another client wither two Cisco 3750's and a Sonicwall NSA3500 and they get the full bandwidth and I have compared config's and everything matches (regarding the internet).

Please help, thanks.
Avatar of Zephyr ICT
Zephyr ICT
Flag of Belgium image

Are you connected on the same switch as where the firewall is connected or the second one in the stack?
Avatar of JustinBMak
JustinBMak

ASKER

Yes.

My Mac is plugged in to

int gi 2/0/16

The Sonicwall is plugged in to:

int gi 2/0/25
interesting ... Did you try setting port and laptop on fixed 100mb? Also, what "server" are you using?
Yes, tried that port/duplex text.

I've tried using Softlayer (via speedtest.net) for both on and off the Cisco 3850. That's where I get the 98/96 w/o the Cisco 3850 and then the 6/8 through the switch

Also tried TWC's speedtest (since the fiber is through twcbc) and I get the same

User generated image
could you provide a show interface of both? I'm sure you've checked it all, but a third eye can't hurt :)
Yea, of course:

My Mac Pro

TS-3850-Core#sho int gi 2/0/14
GigabitEthernet2/0/14 is up, line protocol is up (connected)
  Hardware is Gigabit Ethernet, address is 6899.cdf8.1a0e (bia 6899.cdf8.1a0e)
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
  input flow-control is off, output flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 7000 bits/sec, 6 packets/sec
  5 minute output rate 9000 bits/sec, 9 packets/sec
     5887 packets input, 705011 bytes, 0 no buffer
     Received 718 broadcasts (552 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 552 multicast, 0 pause input
     0 input packets with dribble condition detected
     14936 packets output, 1932805 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 pause output
     0 output buffer failures, 0 output buffers swapped out
TS-3850-Core#



The Sonicwall:

TS-3850-Core#sho int gi 2/0/25
GigabitEthernet2/0/25 is up, line protocol is up (connected)
  Hardware is Gigabit Ethernet, address is 6899.cdf8.1a19 (bia 6899.cdf8.1a19)
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
  input flow-control is off, output flow-control is unsupported
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 73000 bits/sec, 94 packets/sec
  5 minute output rate 61000 bits/sec, 78 packets/sec
     511235 packets input, 193957472 bytes, 0 no buffer
     Received 4 broadcasts (0 multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     0 input packets with dribble condition detected
     384367 packets output, 60423301 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 pause output
     0 output buffer failures, 0 output buffers swapped out
Hmmm, seems ok indeed ...

Are both machines in the same VLAN? Probably, but need to go over the possibilities... I see they are 1Gb ports
Vlans? Technically - no

Because I want the Cisco 3850 to be my default GW and not the sonicwall.

There is a vlan (VLAN75) for Internet w/ a ip of 10.143.75.254

VLAN75 Config:

ip address 10.143.75.0 255.255.255.0


Then there a route on the Cisco 3850

ip route 0.0.0.0 0.0.0.0 10.143.70.1 (10.143.70.1 is the ip of the SW)

I wasn't expecting to run in to so many problems on this conversion. Obviously you can only test so much stuff but I've been on this conversion now for 16 hours (that including moving servers from one rack to the other).


If there is a better way to set up the sonicwall, I'm all ears. But the way I just previously mentioned is set up exactly the same way over at another site w/o issues.
Do you know the software version of the switches? I know of a bug in inter VLAN routing slowing down traffic, but this was a while ago, so if you upgraded the software it's probably not the case.

Might try to see if it helps putting the Mac into the same VLAN as the firewall ... If you haven't done this yet.
TS-3850-Core#sho ver
Cisco IOS Software, IOS-XE Software, Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9-M), Version
03.02.03.SE RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Mon 23-Sep-13 18:24 by prod_rel_team


Will try that next (same vlan)
I think the bug was in IOS 03.02.02.SE so normally you should be ok I think ...
-Spravtek:

Thanks, but I don't think the bug (if it was 03.02.02 SE) was fixed in 03.02.03.SE. I just put my self on the same VLAN as the Sonicwall and did another speed test and I get full bandwidth through the Cisco 3850

So the "bug" must still be around in 03.02.03.SE with inter-vlan routing mechanism. Do you agree?
ASKER CERTIFIED SOLUTION
Avatar of Zephyr ICT
Zephyr ICT
Flag of Belgium image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Just to let you know, the IOS is for general download w/o a tac membership.

I have not tftp over yet and installed it, but will keep you posted. Still working on getting a tac just for that "just in case"  moment if you know what I mean.

Will keep you posted once I get it installed. Today, I moved all my users back to the old HP 5u switch until I (we) get the inter-routing issue resolved.

But like I said, I will keep you posted. Thanks again for the "thought".
Hi,

No worries, take your time, will be interesting to know if it helps/solves your issues ... One to take with me to certain clients.
-Spravtek:

So I have downloaded, tftp and installed:

cat3k_caa-universalk9.SPA.03.03.05.SE.150-1.EZ5.bin

from Cisco's website. Extracted it and installed, did a reload and the switch came up fine.

The ONLY con, was Ports gi 1/0/1-6 at their lights on the front turned on (nothing connected) and solid. I plug in a machine to each port, and then unplugged it and the lights went off. Other than that, the IOS upgrade went smoothly as expected.

Hooked back up the internet (had to take the switch out of production), and ran a speed test and I got almost the full bandwidth (during the day with others sharing the same 100mb fiber). So, so far the test went well since before I was lucky if I got 7Mb (both up and down) before.

My next text is copying a file over from one machine to another (on a different vlan) to see if I get it transferred FASTER than 170k. lol

Thanks.