With my current Cisco 877 configuration running in PPPoA configuration, I noticed that my international file transfer/download performance wasnt up to scratch. Everything locally was quite fast, but when it came to download files from overseas I noticed transfer speeds would go up and down constantly without any consistency in speed. This was the same case with video streaming and constant buffering. At the same time I had a Draytek 2710 and the performance on that was better compared to the Cisco.
I spent a few hours trying to tweak various MTU/TCP MSS ADJUST settings to optimize international bandwidth performance on the Cisco. The Draytek MTU default was 1442, so I figured something on the cisco within the MTU is causing these performance issues. So I investigated and tried so many various settings and in the end, I switched to PPPoE on the Cisco. What I then discovered is, that I do not need the MTU configured on the Cisco at all, and the 877 performs better without the MTU set. All that I changed in my new configuration is adding the command “ip tcp adjust-mss 1405″ on the Dialer1 interface. After this was applied I noticed a dramatic improvement on TCP/FTP transfers from overseas destinations. As well as having “ip virtual-reassembly” on the vlan1 interface.
I did also try adjusting the mss value to 1442 same as the draytek, however it didnt perform as well, so then i tried decrementing values to try to see what kind of performance it made, and in the end 1405 came out to be very good.
So if you are in the same scenario, and wanting to improve TCP transfers on your cisco, the MSS adjust setting could come in very handy.
When a host (usually a PC) initiates a TCP session with a server, it negotiates the IP segment size by using the MSS option field in the TCP SYN packet. The value of the MSS field is determined by the maximum transmission unit (MTU) configuration on the host. The default MSS value for a PC is 1500 bytes.
The PPP over Ethernet (PPPoE) standard supports a MTU of only 1492 bytes. The disparity between the host and PPPoE MTU size can cause the router in between the host and the server to drop 1500-byte packets and terminate TCP sessions over the PPPoE network. Even if the path MTU (which detects the correct MTU across the path) is enabled on the host, sessions may be dropped because system administrators sometimes disable the ICMP error messages that must be relayed from the host in order for path MTU to work.
The ip tcp adjust-mss command helps prevent TCP sessions from being dropped by adjusting the MSS value of the TCP SYN packets.
The ip tcp adjust-mss command is effective only for TCP connections passing through the router.
(Taken from the Cisco website…http://www.cisco.com/en/US/docs/ios/12_2t/12_2t4/feature/guide/ft_admss.html)
Here is my current PPPoE config, with the optimizations:
(Items in bold are the changes)
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec show-timezone
service timestamps log uptime
service password-encryption
service internal
!
hostname cisco877
!
boot-start-marker
boot-end-marker
!
logging buffered 16000
logging console critical
enable secret yoursecretpassword
!
no aaa new-model
clock timezone ACST 9 30
clock summer-time ACST recurring last Sun Oct 2:00 1 Sun Apr 3:00
!
!
dot11 syslog
no ip source-route
ip cef
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip bootp server
ip name-server 192.231.203.132
ip name-server 192.231.203.3
!
!
!
username root privilege 15 password yourpasswordhere
!
!
archive
log config
hidekeys
!
!
!
!
!
interface ATM0
description — Internode ADSL —
no ip address
no atm ilmi-keepalive
pvc 8/35
pppoe-client dial-pool-number 1
!
dsl operating-mode auto
dsl bitswap both
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
ip address 10.108.1.2 255.255.255.224
ip nat inside
ip virtual-reassembly
!
interface Dialer1
description connection to ISP PPPoE 8/35 MUX
ip address negotiated
ip access-group 101 in
no ip unreachables
ip nat outside
no ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1405
dialer pool 1
dialer idle-timeout 0
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname username@something.net
ppp chap password yourpasshere
interface Dialer0
no ip address
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
access-list 1 permit 10.108.1.0 0.0.0.31
access-list 1 deny any
access-list 101 deny icmp any any echo
access-list 101 permit ip any any
access-list 102 permit ip 10.108.1.0 0.0.0.31 any
dialer-list 1 protocol ip permit
snmp-server community public RO 1
!
!
line con 0
password youreconsolepassword
login
no modem enable
transport preferred none
stopbits 1
line aux 0
line vty 0 4
session-timeout 240
access-class 102 in
password yourtelnetpassword
login
transport preferred none
!
scheduler max-task-time 5000
sntp server 129.127.40.3
end
Cisco 877
Recent Comments