cisco 857w internet a singhiozzo appena si accende prog p2p

[Scruffy]

ciao a tutti, sono da tempo in possesso di un cisco 857w configurato per alice 20mbit. ora non ho + la 20 , ma una normale 7mbit e volevo chiedervi se tale config era ok anche per il passaggio da 20 a 7. ho notato che molte volte appena accendo un client per torrent, internet si inchioda di parecchio andando a singhiozzo. non capisco cosa possa essere il problema in quanto le porte sono aperte nel modo corretto.

vi riporto cmq la mia running config:

------------------ show version ------------------

Cisco IOS Software, C850 Software (C850-ADVSECURITYK9-M), Version 12.4(15)T7, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Thu 14-Aug-08 07:18 by prod_rel_team

ROM: System Bootstrap, Version 12.3(8r)YI1, RELEASE SOFTWARE

cisco857w uptime is 2 days, 21 hours, 25 minutes
System returned to ROM by power-on
System restarted at 17:17:45 MEDT Fri Jun 12 2009
System image file is "flash:c850-advsecurityk9-mz.124-15.T7.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
[email protected].

Cisco 857W (MPC8272) processor (revision 0x100) with 59392K/6144K bytes of memory.
Processor board ID FHK0941213W
MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x10
4 FastEthernet interfaces
1 ATM interface
1 802.11 Radio
128K bytes of non-volatile configuration memory.
20480K bytes of processor board System flash (Intel Strataflash)

Configuration register is 0x2102


------------------ show running-config ------------------


Building configuration...

Current configuration : 7934 bytes
!
! No configuration change since last restart
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname cisco857w
!
boot-start-marker
boot-end-marker
!
logging buffered 52000
enable secret 5 <removed>
!
no aaa new-model
clock timezone MET 1
clock summer-time MEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
!
crypto pki trustpoint TP-self-signed-3736179284
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3736179284
revocation-check none
rsakeypair TP-self-signed-3736179284
!
!
crypto pki certificate chain TP-self-signed-3736179284
certificate self-signed 01
3082024B 308201B4 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33373336 31373932 3834301E 170D3039 30313036 31343437
34345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 37333631
37393238 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100DB44 03072367 21FD10AA 5B991895 CA059011 85E89682 CD0945A4 0536FC92
2782D7AD 1FDC05E4 F120DC6E 8AB84BE0 F95679E7 DDE87794 317D999A 8433C0E2
DDFE7EB8 DBC58275 79125B43 87948155 BC61A793 010DFABA 3989BB72 57D37C77
4B85C20D 88B6C26A 2984029A 0BA02E49 0DA4CB35 89CD3968 A7B88071 9B4D641E
57F10203 010001A3 73307130 0F060355 1D130101 FF040530 030101FF 301E0603
551D1104 17301582 13636973 636F3835 37772E63 6973636F 2E636F6D 301F0603
551D2304 18301680 14C0335E 4A681B63 BCACD714 CDB712AC 266C1E72 98301D06
03551D0E 04160414 C0335E4A 681B63BC ACD714CD B712AC26 6C1E7298 300D0609
2A864886 F70D0101 04050003 818100B3 B186A3DF 753D6619 F6A606F8 B8802964
825E5750 BD3CE8F4 1337EF9C BCE19967 22AAE856 A4A48C3F 7EBC9407 C2BF54D9
281464F6 866B3A93 E90371E5 299E03B1 E5F7B395 C9FCD6C1 658BEECE C62C1345
B6B56E17 8BB40EC1 D1680CC5 7E3E190D A3A7655C 2C79F595 59C7B05F 3FF0CE41
FD8533BD 9D1405A3 AF27D873 AE7274
quit
dot11 association mac-list 700
dot11 syslog
dot11 vlan-name WiFi vlan 1
!
dot11 ssid Alice20Mega
vlan 1
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 120A13181E1F050527242721203A320106
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.1 192.168.0.9
!
ip dhcp pool Pool1
import all
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 212.216.112.112 212.216.172.62
lease infinite
!
ip dhcp pool pc01
host 192.168.0.10 255.255.255.0
client-identifier 0100.1318.0204.4b
lease infinite
!
!
ip cef
ip inspect log drop-pkt
ip inspect name Firewall cuseeme
ip inspect name Firewall dns
ip inspect name Firewall ftp
ip inspect name Firewall h323
ip inspect name Firewall https
ip inspect name Firewall icmp
ip inspect name Firewall imap
ip inspect name Firewall pop3
ip inspect name Firewall rcmd
ip inspect name Firewall realaudio
ip inspect name Firewall rtsp
ip inspect name Firewall esmtp
ip inspect name Firewall sqlnet
ip inspect name Firewall streamworks
ip inspect name Firewall tftp
ip inspect name Firewall tcp
ip inspect name Firewall udp
ip inspect name Firewall vdolive
ip domain name cisco.com
ip name-server 212.216.112.112
ip name-server 212.216.172.62
ip ddns update method dyndns1
HTTP
add http://user:[email protected]/nic ... h>&myip=<a>
!
!
!
!
username admin privilege 15 secret 5 <removed>
!
!
archive
log config
hidekeys
!
!
!
bridge irb
!
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
no ip address
!
encryption vlan 1 mode ciphers tkip
!
!
broadcast-key capability-change
!
!
ssid Alice20Mega
!
speed basic-1.0 basic-2.0 basic-5.5 basic-6.0 basic-9.0 basic-11.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0
channel 2412
station-role root
world-mode dot11d country IT both
l2-filter bridge-group-acl
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
no ip address
ip tcp adjust-mss 1452
bridge-group 1
!
interface Dialer0
ip ddns update hostname hostdns
ip ddns update dyndns1 host members.dyndns.org
ip address negotiated
ip access-group 101 in
ip mtu 1492
ip inspect Firewall out
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username aliceadsl password 7 1218091E110E0D003927
!
interface BVI1
ip address 192.168.0.1 255.255.255.0
ip access-group 102 in
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.0.10 10000 interface Dialer0 10000
ip nat inside source static udp 192.168.0.10 10000 interface Dialer0 10000
ip nat inside source static tcp 192.168.0.10 12000 interface Dialer0 12000
ip nat inside source static udp 192.168.0.10 12000 interface Dialer0 12000
ip nat inside source static tcp 192.168.0.2 4662 interface Dialer0 4662
ip nat inside source static udp 192.168.0.2 4662 interface Dialer0 4662
ip nat inside source static tcp 192.168.0.2 4672 interface Dialer0 4672
ip nat inside source static udp 192.168.0.2 4672 interface Dialer0 4672
ip nat inside source static tcp 192.168.0.2 30162 interface Dialer0 30162
ip nat inside source static udp 192.168.0.2 30162 interface Dialer0 30162
ip nat inside source static tcp 192.168.0.2 7000 interface Dialer0 7000
ip nat inside source static udp 192.168.0.2 7000 interface Dialer0 7000
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 101 permit gre any any
access-list 101 permit ip any any
access-list 101 permit tcp host 63.208.196.101 eq www any log
access-list 101 permit udp host 207.46.232.42 eq ntp any
access-list 101 permit udp host 192.43.244.18 eq ntp any
access-list 101 permit udp host 212.216.112.112 eq domain any
access-list 101 permit udp host 212.216.172.62 eq domain any
access-list 102 permit ip any host 192.168.0.1
access-list 102 permit ip any any
access-list 700 permit 001e.2aee.8470 0000.0000.0000
access-list 700 permit 001d.0fb4.eb65 0000.0000.0000
access-list 700 permit 001e.a988.6f93 0000.0000.0000
access-list 700 permit 001d.92cd.aee0 0000.0000.0000
access-list 700 permit 001b.7776.c94d 0000.0000.0000
access-list 700 permit 0021.27c1.0170 0000.0000.0000
access-list 700 permit 0021.27c3.1edc 0000.0000.0000
access-list 700 permit 0013.ce90.3e82 0000.0000.0000
access-list 700 permit 0018.4194.2cdd 0000.0000.0000
access-list 700 permit 0016.44f1.d207 0000.0000.0000
access-list 700 permit 0021.5da5.bc26 0000.0000.0000
access-list 700 permit 0024.3655.f028 0000.0000.0000
access-list 700 permit 0021.5d7d.c2ac 0000.0000.0000
access-list 700 permit 0025.4b8f.2190 0000.0000.0000
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner login ^CCAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
sntp server 207.46.197.32
sntp server 192.43.244.18
end

[Gianremo.Smisek]

a parte il fatto che io toglierei quelle ACL a layer2..
Poi il tuo cisco ha solo 64mb di ram... un po' pochini: le sessioni p2p prendono un casino di risorse.


ciao!

[Scruffy]

dimenticavo: questo è il test su speedtest.net

http://www.speedtest.net/result/496149010.png


e questi solo i valori della mia adsl

ATM0
Alcatel 20190 chipset information
ATU-R (DS) ATU-C (US)
Modem Status: Showtime (DMTDSL_SHOWTIME)
DSL Mode: ITU G.992.1 (G.DMT) Annex A
ITU STD NUM: 0x03 0x2
Vendor ID: 'STMI' 'P '
Vendor Specific: 0x0000 0x0000
Vendor Country: 0x0F 0xB5
Chip ID: C196 (0)
DFE BOM: DFE3.0 Annex A (1)
Capacity Used: 91% 60%
Noise Margin: 11.0 dB 24.0 dB
Output Power: 19.0 dBm 12.0 dBm
Attenuation: 29.5 dB 15.5 dB
Defect Status: None None
Last Fail Code: None
Watchdog Counter: 0xFC
Watchdog Resets: 0
Selftest Result: 0x00
Subfunction: 0x00
Interrupts: 8250 (0 spurious)
PHY Access Err: 0
Activations: 1
LED Status: ON
LED On Time: 100
LED Off Time: 100
Init FW: init_AMR-4.0.015.bin
Operation FW: AMR-4.0.015.bin
FW Source: external
FW Version: 4.0.15

Interleave Fast Interleave Fast
Speed (kbps): 8128 0 480 0
Cells: 91061376 0 283499822 0
Reed-Solomon EC: 0 0 29 0
CRC Errors: 64908 0 5 1
Header Errors: 41609 0 0 1
Total BER: 2196E-8 0E-0
Leakage Average BER: 3490E-9 0E-0
ATU-R (DS) ATU-C (US)
Bitswap: enabled enabled
Bitswap success: 0 0
Bitswap failure: 0 0

LOM Monitoring : Disabled


DMT Bits Per Bin
000: 0 0 0 0 0 0 3 4 5 6 7 8 8 8 8 6
010: 8 8 8 8 8 7 7 7 6 6 5 4 3 4 0 0
020: 0 0 0 0 0 5 B B C C C D D C C C
030: C C C C C C C C C C C C D C C D
040: 0 C C C C C C C C C C C C C C C
050: C 2 C C C C C B B B B B B B B B
060: B B B B B B B B B A B B B B B B
070: B A B A B B B B B A A A A B A A
080: A A A A A A A A A A 9 A A A A A
090: A 9 A 9 9 9 9 9 A 9 A A 9 9 9 9
0A0: 9 A 9 9 9 9 A A A 9 A 9 A A A 9
0B0: A A 9 A 9 9 A 9 A A A A A A A A
0C0: 9 9 9 9 9 9 9 9 9 9 9 9 9 9 9 9
0D0: 9 9 9 9 9 9 9 9 9 9 8 8 9 8 8 8
0E0: 8 8 8 8 8 8 8 8 8 8 8 8 8 7 7 7
0F0: 8 8 7 7 7 7 7 7 7 7 7 7 7 7 7 7

DSL: Training log buffer capability is not enabled

command completed.

[masterx81]

Fa lo stesso anche a me!!!
Io ho un 877 con 256mb di ram (come risorse ci sto dentro alla grande), ed appena accendo il mulo si comporta esattamente così. Ho provato anche con un 1801 e mi fa la stessa cosa.
Pero' io come provider ho libero, ed ho imputato al colpa al provider...
Stavo cercando il coraggio di passare ad ngi...

Leggiti questa discussione:
http://www.ciscoforums.it/viewtopic.php ... highlight=

[Wizard]

Uniche vie:

1) timeout sulla tabella di nat sul router

2) impostazione statica di 500 connessioni sul client p2p

Questa config con un vecchio, ottimo 837 e p2p nn ha mai dato problemi!

[Scruffy]

grazie a tutti per le risposte, però ho da dire 2 cose:

1° effettivamente prima quando accendevo torrent emule ecc ecc no navevo tutti sti rallentamenti, mentre ora si
2° dopo aver postato, mi è caduta internet per parecchie ore. prima non riuscivo neanche a giocare online... ping ballerino. tornato internet di sera tutto perfetto. ora non ho provato con i p2p ma penso qualcosa sia gia migliorata ( problema provider allora?)
3° ho preso cmq altri 64mb di ram così da portare il router a 128.

PS: quali acl devo togliere?

[Wizard]

3° ho preso cmq altri 64mb di ram così da portare il router a 128.

Bene, però, le indicazioni che ti ho scritto prima falle cmq!
Poca spesa tanta resa in questo caso.

[anburg]

ciao
ho quasi lo stesso problema, con i client p2p navigo moooolto lento.
questi i miei valori:

ip nat translation timeout 420
ip nat translation tcp-timeout 120
ip nat translation udp-timeout 120
ip nat translation syn-timeout 120
ip nat translation dns-timeout 300
ip nat translation icmp-timeout 120

cosa posso fare per migliorare la velocita' quando navigo? ho una alice 7MB
grazie ciao

[Wizard]

Hai messo come ti dicevo io le connessioni sul client?

[Scruffy]

ciao wizard, ho aggiunto altri 64mb di ram . il problema è il seguente:

esempio:
apro torrent; appena apro torrent, anche se non scarico ancora nulla ( il download è ancora a 0) internet va chiodo. dopo un 2-3 minuti.... (forse qualcosina di + tipo 4-6 minuti) internet riprende a sfrecciare.....

possibile che devo mettere solo 500 connessioni? a meule ho messo 3500 o 5000 mi pare, ma come detto va lento solo all'inizio. poi sia ping che il resto va perfetto. secondo me è qualcosa riguardo il firewall che si incanta diciamo per poi riprendere ok

PS: dimenticavo per mettere timeout a 500 basta che metto come ha scritto l'utente sopra solo che invece di 420 metto 500? solo generale o anche per tcp udp ecc ecc?

[anburg]

Hai messo come ti dicevo io le connessioni sul client?

ciao
bittorrent ha 200 connessioni di default, emule non lo uso quasi mai ma lo ho settato come consigliato. il mio problema è che l' apertura delle pagine di certi siti, questo ad esempio, risulta lentissima altri siti no.
ho un 877 con 256 mb di ram

@ scruffy portare a 500 il timeout porta vantaggi?

grazie ciao

[Scruffy]

non so se mettendolo a 500 ci son miglioramenti. cmq il mulo lo ho configurato ocn 3000 connessioni per ogni file e 15000 totali. anche mettendo parecchi file internet va ok. il problema è con torrent....