Weird Cisco Problems
SmilingAssassin
Join Date: 2003-07-15 Member: 18174Members
<div class="IPBDescription">Lagging the entire network</div> This question is for the more experienced network administrators.
I have a server that is hooked to a nice connection through a Cisco 3600 router. However, when I set up the server, and have 18 people on it, it brings the entire network to a crawl. The game still runs nice and fast, but EVERYTHING else on the network (name services, http requests, mail functions) slows to a crawl. I figure it's the router that is misconfigured. I think it's the adjustable TX-RING buffer (queues the UDP packets before sending them) that Cisco puts on some of its routers. I asked the ISP who owns the router, and it appears that the buffer is set quite high. Since hlds_l sends 500+ very small UDP packets per second on an 18 slot server, it seems that the router is having difficulty buffering all of them.
Does anyone have any experience with this series of Cisco routers and know the optimal settings to use to host game servers? If your server is behind a similar router, could someone ask their ISP what specific settings they have on the router that permits lots of udp traffic?
(I only ask this because getting my ISP to do anything for me is like pulling teeth. If I know exactly what needs to be changed, perhaps I can convince him to do it for me).
Thanks in advance for your help.
Comments
If you can, at least find out what version of IOS he is running. This makes a big difference in diagnosing Cisco issues.
I can say that my guess is that he is trying to manage bandwidth through his router and has misconfigured something. If the game server is killing the entire network then he has probably not given high enough priority to the other network services OR he has given too much priority to that particular game server.
Also, is there any type of packet shaper on that network?
Nope. He's not a moron. He asked me which settings I'd like to know though and he would give them to me if they weren't sensitive.
I'll ask him if he has a packet shaper. He does limit the bandwidth, as he's had bad experiences in the past with people abusing their contracts.
Thanks.
"Show Tech" would be better (and removes the possibility that you might accidentally include snmp strings or passwords).
sh tech includes a metric buttload of garbage that's not relevant to a config question. My assumption is that the network administrator in question is smart enough to remove passwords from sh run output.
The reason I want the whole config is because the possibilities for configuration error or unoptimised config are all over the place. I don't even know what interfaces the box has, so how can I know what information to ask for? It would be a waste of everyone's time to take blind stabs at a problem, when the cause may be in a portion of the config that wasn't even considered. Hence, my request for the whole thing. If that can't be done, at least the config lines for the interfaces and ACLs, since that's most likely where the problem is.
I cannot make any kind of diagnosis based on the IOS version alone. All that would tell me is if it's vulnerable to certain software bugs.
Hrm, CPU and memory usage on the router when traffic is high? Lower-end routers can be brought to their knees quite easily by too many or too-restrictive ACLs, rate-limits, anything that requires the router to do more than "push packets."
I'm with SmilingAssassin on this one. If you can't log into the router when the server is full then you are probably running a bit low on Router Memory.
I have seen ACLs completely hose Cisco routers when under high traffic.
Is this a new thing?
Check the CPU, you might have welchia or msblast on your network.
Quick check:
show ip cache flow | include 0800
and
show ip cache flow | include 0087
The first will check for ICMP traffic. If you see a lot (more than a few) you might want to check the IPs you see in the cache flow.
<a href='http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_tech_note09186a00801b143a.shtml' target='_blank'>http://www.cisco.com/en/US/products/sw/voi...0801b143a.shtml</a>
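The quick check in the post above, as an added example that is not part of the original thread: `| include 0800` matches that string anywhere on the line, so this Python sketch parses pasted `show ip cache flow` output and counts distinct destinations per source only where the protocol column agrees (ICMP with DstP 0800, or TCP with DstP 0087, which is hex for port 135). The column layout, the sample flows and the `min_targets` threshold are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the classic IOS flow-record layout (assumed):
# SrcIf SrcIPaddress DstIf DstIPaddress Pr SrcP DstP Pkts, with Pr/SrcP/DstP in hex.
SAMPLE = """\
SrcIf         SrcIPaddress    DstIf         DstIPaddress    Pr SrcP DstP  Pkts
Fa0/0         10.0.0.23       Se0/0         192.0.2.1       01 0000 0800     1
Fa0/0         10.0.0.23       Se0/0         192.0.2.2       01 0000 0800     1
Fa0/0         10.0.0.23       Se0/0         192.0.2.3       01 0000 0800     1
Fa0/0         10.0.0.23       Se0/0         192.0.2.4       01 0000 0800     1
Fa0/0         10.0.0.41       Se0/0         198.51.100.7    06 0C21 0087     2
Fa0/0         10.0.0.41       Se0/0         198.51.100.8    06 0C22 0087     2
Fa0/0         10.0.0.41       Se0/0         198.51.100.9    06 0C23 0087     2
Fa0/0         10.0.0.50       Se0/0         203.0.113.5     11 0800 6987    40
Fa0/0         10.0.0.60       Se0/0         203.0.113.9     01 0000 0800     3
"""

FLOW = re.compile(
    r"^\S+\s+(\d+\.\d+\.\d+\.\d+)\s+\S+\s+(\d+\.\d+\.\d+\.\d+)\s+"
    r"([0-9A-Fa-f]{2})\s+([0-9A-Fa-f]{4})\s+([0-9A-Fa-f]{4})\s+(\d+)\s*$"
)

# (protocol, DstP) pairs behind the two "include" filters: ICMP echo request
# (type 8, code 0 shown in the DstP column) and TCP destination port 135.
SIGNATURES = {(0x01, 0x0800): "icmp-echo", (0x06, 0x0087): "tcp-135"}

def suspect_sources(text, min_targets=3):
    """Map (source IP, signature) to the number of distinct destinations hit."""
    targets = defaultdict(set)
    for line in text.splitlines():
        m = FLOW.match(line)
        if not m:
            continue  # header lines and anything that is not a flow record
        src, dst, proto, _sport, dport, _pkts = m.groups()
        label = SIGNATURES.get((int(proto, 16), int(dport, 16)))
        if label:
            targets[(src, label)].add(dst)
    return {k: len(v) for k, v in targets.items() if len(v) >= min_targets}

if __name__ == "__main__":
    for (src, label), n in sorted(suspect_sources(SAMPLE).items()):
        print(f"{src} {label} -> {n} distinct destinations")
```

The UDP flow from 10.0.0.50 has source port 0800, so a plain `include 0800` would list it; the protocol check drops it, and the single-destination ping from 10.0.0.60 stays below the threshold.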
Well, I don't doubt that we have msblast on some parts of the network. It's a pain to get home users to upgrade their virus definitions and install patches. However, this problem existed before any of these nasty worms started coming around. I think it's like some people here in the forum suggested, that it's an overly restrictive ACL. I'll see if he can't cause the router to just pass the UDP packets straight through instead of trying to manipulate them in some way.