dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
28
share rss forum feed

aryoba
Premium,MVM
join:2002-08-22
kudos:4
reply to badsykes1

Re: [HELP] Cisco 1811 is crashing

said by badsykes1:

If i buy an SSG 5 i will have only one router and i can't simulate all protocols in that book..

Only one routing protocol the SSG 5 can't run which is EIGRP since SSG 5 is not Cisco. Otherwise, SSG 5 is pretty much powerful box you can ask for with cheap price

said by badsykes1:

The same learning curve i applied to my current 1811 and learning some intersting tricks..For me is more like a toy than something for a job and i am the little kid at 3-4 years that likes to make it pieces, scratch it, throw it a little )

Experiments (lots of it) is one good hands-on way to learn what works and what does not

sk1939
Premium
join:2010-10-23
Mclean, VA
kudos:10
Reviews:
·T-Mobile US
·Verizon FiOS
So here's a question, would the SSG5 net me anything over my existing NS5GT? Probably not right?

As to the question above, unless you are downloading at 72mbps (9MB/s)(how?) which will overwhelm the router and peak CPU usage, then it wouldn't cause an issue. 9Mbps will not crash the 1811.

badsykes1

join:2004-12-08
IT is 9MB/s .... This is why i asked those questions..When the router crashed last time it wasn't downloading anything actually..Now when i torrent 9-10MB/s it isn't crashing ...

Hope this makes it clear:

sk1939
Premium
join:2010-10-23
Mclean, VA
kudos:10
Ah, location makes sense. You really should not be pushing that much traffic through the 1811 though. Besides that, it sounds like a IOS bug.

badsykes1

join:2004-12-08
Why i shouldn't push so much traffic on 1811 ?

sk1939
Premium
join:2010-10-23
Mclean, VA
kudos:10
Not designed for it, which can cause strange glitches.

The ISR 1801-1812 series is rated at 70,000PPS/35.84 Mbps. Are you running any kind of services on the 1811?

badsykes1

join:2004-12-08
That number is from this datasheet i suppose:

»www.cisco.com/web/partners/downl···ance.pdf

Most people here said that 1811 can easily maintain 100mbps pipe with NAT only without any other services and i can confirm this..I have Dhcp enabled and NAT and some opened ports.That's it.I don't stress the router with encryptions, crypto and ZBFW yet..
I have also an 850 that's rated a 5Mbps there .... ? I didn't test it but peple around said it can go to max 25mbps...
1811 is a powerfull router with at least 800mhz processor and 128 mb and i bought because it can do wirespeed...It would be really stupid to be rated ONLY at a poor 35mbps when a 30$ dlinks can pull wire speeds easily and have a cpu around 300mhz or so and 32mb ...
Is the same like single core cpu from a PC and 512mb ram without any antivirus, firewall and other programs running at startup..If you put any programs at startup it will slow down..

sk1939
Premium
join:2010-10-23
Mclean, VA
kudos:10
Reviews:
·T-Mobile US
·Verizon FiOS
Well that's only partially true, it can maintain 100mbps with NAT only, but it also depends on the type of traffic and number of sessions it has passing through it. I know for example that my 2811 can handle 35/35, but it peaks at 100% CPU usage with multiple connections.

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9
reply to sk1939
Read the document carefully. Those performance numbers are without any services, and moving 64byte packets (i.e. worst case network traffic.) Performance is a function of traffic and configurationl 70kpps is a baseline for comparing models. (the size of your routing table will effect that number.)

Yes, an 1811 can move 100mbps. Would I recommend it? Of course not. The more services one enables, the more sessions NAT has to track, the more routes put in it... everything will subtract from performance.

Back to the point of the thread... his "crash" isn't a crash; the router is doing exactly what it's programmed to do... shutdown before it melts. Fix the fan and it'll be fine. If the hwmon isn't working, then you have another problem. You aren't going to get cisco to cut you a custom build with the environmental monitor disabled. [they're EOL or I'd say buy smartnet and have it replaced.]

badsykes1

join:2004-12-08
Ok... here is the situation
The smartnet idea is very intersting..The full smartnet for 1811 costs around 135$..The problem this router is not new and i don't have proof of purchased.I got it from someone that had it from a bank and have nothing to do with it anymore..In simple ways: i got it from somekind of local "ebay" and the cost was around 200$..Not many people buy Cisco products from second hand in my country because they are expensive and for home users is no point..
What are the chances that they would accept a smartnet contract on this device? It would be cheaper for me to get a smartnet contract and get the router replaced instead of buying another from second hand..
I expect any tips on this matter ..
My 1811 is already have problems with hwmon system and the fan needs to be replaced .. My router is fine for the last days..

Status:

Router uptime is 3 days, 37 minutes
System returned to ROM by reload at 00:54:27 EEST Fri May 18 2012
System image file is "flash:c181x-advipservicesk9-mz.124-24.T.bin"

I reloaded manually the router but except of this it would be around 7 days without crash ....
"
Router#show environment all

Fan Failed.

Board Temperature : normal.
"

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9
said by badsykes1:

What are the chances that they would accept a smartnet contract on this device?

Absolutely ZERO...

End of New Service Attachment Date: HW

For equipment and software that is not covered by a service-and-support contract, this is the last date to order a new service-and-support contract or add the equipment and/or software to an existing service-and-support contract.

April 15, 2012

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9
reply to cramer
said by cramer:

Yes, an 1811 can move 100mbps. Would I recommend it? Of course not. The more services one enables, the more sessions NAT has to track, the more routes put in it... everything will subtract from performance.

For the record...

888888888888888888888898888888888888888888888888888888888
6762737364465743345530753365888433627703456745787447701063
100 *
90 ** * * * *** ** ** ***** * ** *** **** ** * **
80 *#*##*#********#*********#**#****#**#******#**#*#*##******#
70 *######*############*#####*#######*#################*######
60 ###########################################################
50 ###########################################################
40 ###########################################################
30 ###########################################################
20 ###########################################################
10 *###########################################################
0....5....1....1....2....2....3....3....4....4....5....5....
0 5 0 5 0 5 0 5 0 5
CPU% per minute (last 60 minutes)
* = maximum CPU% # = average CPU%

rtr1811#show ip nat statistics
Total active translations: 113 (12 static, 101 dynamic; 113 extended)
Outside interfaces:
FastEthernet0, FastEthernet1
Inside interfaces:
Vlan1, Virtual-Template1
Hits: 355106644 Misses: 8247764
CEF Translated packets: 359140033, CEF Punted packets: 5132820
Expired translations: 9776191
Dynamic mappings:
-- Inside Source
[Id: 1] route-map via-fastethernet-0 interface FastEthernet0 refcount 8
[Id: 2] route-map via-fastethernet-1 interface FastEthernet1 refcount 1
Queued Packets: 0

That's traffic (scp) from VLAN1 to F1 with NAT. Interrupt load floats between 70% and 80%, but that's only one nat session, add in a few hundred (or thousand) and it will cry uncle. scp says the throughput was 10.5-10.9MB/s.

sk1939
Premium
join:2010-10-23
Mclean, VA
kudos:10
Reviews:
·T-Mobile US
·Verizon FiOS
reply to cramer
Yes, I'm well aware of all of that, it's still a good benchmark to follow. It's much better for capacity planning to under-rate than over-rate.

I didn't notice the fan was dead, in which case it quite possibly is a heat issue.

2811 by comparison (20Mbps traffic):

2800#sh processes cpu | include CPU
CPU utilization for five seconds: 58%/57%; one minute: 47%; five minutes: 21%
2800#sh ip nat statistics
Total active translations: 2727 (0 static, 2727 dynamic; 2727 extended)
Outside interfaces:
Virtual-Access1, Dialer1
Inside interfaces:
FastEthernet0/1
Hits: 92477036 Misses: 823592
CEF Translated packets: 89540280, CEF Punted packets: 5035566
Expired translations: 1258909
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 1 interface Dialer1 refcount 2728
Queued Packets: 0

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9
Agreed. I'm just saying it can do it, but you'll be deep into the sticky part. ("edge of the envelope")

Even without NAT, the 1800's have a hard time doing line rate. Pure routing, line rate still takes over 50% of the cpu. The 2800's have less trouble (@100M), but they really don't have the CPU power for services at those speeds. (coming from someone who converted a PIX config to a 2851 only to see it roll over and die... 28Mbps w/~5k NAT -- pure routing, DS3 is no problem for it. I never tried gig-to-gig on it.)

badsykes1

join:2004-12-08
Thx for info to both of you..
There are only 2 clients on my network (me and my dad)..My dad is doing a basic surfing and download small files rarely.I am the only one that really stress the router..
If i asked months ago i would have known that smartnet will end.... :(
The router is with basic configurations and no special services activated..

Building configuration...
 
Current configuration : 2870 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
warm-reboot uptime 0
boot-end-marker
!
logging message-counter syslog
enable secret 5 $1$QGg5$yYhtvT2fkffcFwslbH8D7/
enable password redalerd
!
no aaa new-model
clock timezone EEST 3
!
!
dot11 syslog
ip source-route
!
!
!
ip dhcp pool MAINPOOL
   import all
   network 192.168.1.0 255.255.255.0
   domain-name HOMELAN
   dns-server 208.67.222.222 208.67.220.220
   default-router 192.168.1.1
   lease 6
!
!
ip cef
no ip bootp server
no ip domain lookup
ip domain name HOMELAN
ip name-server 208.67.222.222
ip name-server 208.67.220.220
ip port-map bittorrent port tcp 18517
ip port-map bittorrent port udp 18517
ip port-map bittorrent port tcp 18518
ip port-map bittorrent port udp 18518
no ipv6 cef
!
multilink bundle-name authenticated
!
vpdn enable
!
!
!
username admin privilege 15 password 0 redalert
!
!
!
archive
 log config
  hidekeys
!
!
ip tcp synwait-time 10
!
!
!
interface FastEthernet0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 duplex auto
 speed auto
 pppoe enable group global
 pppoe-client dial-pool-number 1
!
interface FastEthernet1
 no ip address
 shutdown
 duplex auto
 speed auto
 pppoe enable group global
 pppoe-client dial-pool-number 1
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
 ip address 192.168.1.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
!
interface Dialer0
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly max-fragments 64
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer-group 1
 ppp authentication pap callin
 ppp pap sent-username ct78255892 password 0 903448
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
ip http server
no ip http secure-server
!
!
ip nat inside source static tcp 192.168.1.3 18517 interface Dialer0 18517
ip nat inside source static udp 192.168.1.3 18517 interface Dialer0 18517
ip nat inside source static udp 192.168.1.2 18518 interface Dialer0 18518
ip nat inside source static tcp 192.168.1.2 18518 interface Dialer0 18518
ip nat inside source route-map LANMAP interface Dialer0 overload
!
access-list 102 remark Default Rule
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
dialer-list 1 protocol ip permit
no cdp run
 
!
!
!
!
route-map LANMAP permit 1
 match ip address 102
!
!
!
control-plane
!
!
line con 0
 password redy
 login
line aux 0
line vty 0 4
 login
 exec prompt timestamp
!
end
 
 

sk1939
Premium
join:2010-10-23
Mclean, VA
kudos:10
Reviews:
·T-Mobile US
·Verizon FiOS
My guess is that it has to do with the fan and temperature, because nothing in your configuration jumps out at me.

You can find replacement fans on Ebay: »www.ebay.com/itm/Cisco-1811-Repl···e86d6649

badsykes1

join:2004-12-08
Oh. .. thx .. i tried to serach on european ebay (uk for example) and couldn't find fans..
But still even if i can get a fan it wouldn't work because i shorted something on the pcb ... The router needs repairs..
I may buy it anyway..