Re: Queue Drops

> > In both sites I am seeing a lot of input and output queue drops on the
> > router interfaces connected to the ISP. In the site with the two T1s I see
> > the drops on each of the serial interfaces and in the site with the three
> > Internet T1s I see drops on the Multilink Frame Relay bundled interface and
> > not on the serial interfaces.
>
> > I am running a Cisco 2811 in the site with the three Internet T1 and a Cisco
> > 3825 in the site with the two Internet T1s. These routers are running the
> > 12.3T IOS train (required for hardware support).
>
> > In one of the sites I have Internet T1s to a different ISP that uses PPP
> encapsulation on the links and I do not have any problems with queue drops.

> If you are using WFQ do fair-queue 256 256 256 if that doesn't help you
> might want to switch to FIFO and do: hold-queue 375 in, hold-queue 375
> out. Let me know if that does not help.

This may well reduce or eliminate the queue
drops or it may not. You should however
understand their root cause first.

For example TCP is _DESIGNED_ (I can't emphaise
it enough:-) to create _output_ queue drops. If you are
getting _legitimate_ TCP created queue drops
then if you whack up the buffers the only result
is that potentially _all_ TCP traffic will be delayed
by the length (in time) of the queue.

Lets see 375 * 1500 * 8 / 1,500,000
= 3 seconds (by my guestimate)

This may well have a detrimental effect on the
performance of your systems.



"In both sites I am seeing a lot of input and output queue drops on the

router interfaces connected to the ISP"

Output queue drops are usualy a consequence of
a full link, Input queue drops are rather a different matter.

1.
Check the routers buffers

sh buff

If you have memory (and who doesn't now?)
increast the permanent buffers until there are few
misses.

Don't go mad, just gently ease them up until
most misses go away.

2.
Worry about the CPU utilisation.

3.
Worry about the internal traffic hitting the router
and causing it to be too busy.
I have used for example IP broadcast filters on the
internal interface of 'weak' routers.

access-list 100 deny any host 255.255.255.255
access-list 100 deny any my.subnet.0 0.0.0.255 ! e.g.
access-list 100 permit any any

This can clearly break some stuff but is likely to be OK
on an internet router.

Finally, queues are bad, very bad, sometimes.

.

Relevant Pages

  • Re: Odd Masq/NAT problem under 2.4.22
    ... > When I try to access the internet from a private network client, ... > 2) I can ping anything I want on my intranet or the internet without any ... Do you have increasing error counters on the router's interfaces ... Check whether surfing from the router itself is fast as usual. ...
    (comp.os.linux.networking)
  • Re: Edge network and internet connection
    ... My machine only have 1 NIC, can it connected to internet? ... connect it to internet via dsl modem or router? ... Make sure that the IP addresses on both interfaces are separate subnets. ...
    (microsoft.public.isa)
  • Re: Edge network and internet connection
    ... connect it to internet via dsl modem or router? ... Make sure that the IP addresses on both interfaces are separate subnets. ...
    (microsoft.public.isa)
  • Re: VPN connect-Ok, but....
    ... RRAS will route automatically between its interfaces. ... Internet ...
    (microsoft.public.win2000.ras_routing)
  • proxy+nat+qos
    ... anyone have try to queue in altq incoming traffic from internet to squid ... squid is working on the router. ...
    (comp.unix.bsd.openbsd.misc)