Packet inspection statistics [process switch:fast switch]
  tcp packets: [3765:1087030]
  udp packets: [1694:8]
  packets: [76:2815]
  http packets: [1487:594287]
  sip packets: [104:0]
Interfaces configured for inspection 1
Session creations since subsystem startup or last reset 2518
Current session counts (estab/half-open/terminating) [4:0:0]
Maxever session counts (estab/half-open/terminating) [64:22:6]
Last session created 00:00:43
Last statistic reset never
Last session creation rate 1
Maxever session creation rate 156
Last half-open session total 0
TCP reassembly statistics
  received 58430 packets out-of-order; dropped 3413
  peak memory usage 98 KB; current usage: 0 KB
  peak queue length 16
===
ip inspect audit-trail
ip inspect name WAN_FW appfw WAN_FW
ip inspect name WAN_FW icmp alert on audit-trail on router-traffic
ip inspect name WAN_FW fragment maximum 256 timeout 1
ip inspect name WAN_FW dns alert on audit-trail on
ip inspect name WAN_FW ddns-v3
ip inspect name WAN_FW ftp alert on audit-trail on
ip inspect name WAN_FW ftps alert on audit-trail on
ip inspect name WAN_FW http
ip inspect name WAN_FW https
ip inspect name WAN_FW esmtp alert on audit-trail on
ip inspect name WAN_FW imap
ip inspect name WAN_FW imap3
ip inspect name WAN_FW imaps
ip inspect name WAN_FW pop3
ip inspect name WAN_FW pop3s
ip inspect name WAN_FW ntp
ip inspect name WAN_FW sip
ip inspect name WAN_FW sip-tls
ip inspect name WAN_FW snmp
ip inspect name WAN_FW snmptrap
ip inspect name WAN_FW rcmd
ip inspect name WAN_FW syslog
ip inspect name WAN_FW syslog-conn
ip inspect name WAN_FW tcp alert on audit-trail on router-traffic
ip inspect name WAN_FW udp alert on audit-trail on router-traffic
ip inspect WAN_FW in
ip inspect WAN_FW out
The little Ciscos (even the larger ones) could max out in CPU/throughput with excessive inspects.
You are dropping packets a little due to packets being out of sync..
increase them a little
ip inspect tcp reassembly queue length 1024 (or something not so large)
ip inspect name WAN_FW appfw WAN_FW <-- a little strange.. remove it .. unless you have appfw defined called WAN_FW ???
Yes, you do have a low connection rate and maybe errors? Do you have interleaving on/off? (which might fix the errors if you do). Tried looking at getting your line checked?
LennonNZ: IMHO a little excessive in the firewalling .. :)
... call me paranoid... I like to see what's going on, plus the router can handle it.
Session audit trail is enabled
Session alert is enabled
one-minute (sampling period) thresholds are [unlimited : unlimited] connections
max-incomplete sessions thresholds are [unlimited : unlimited]
max-incomplete tcp connections per host is unlimited. Block-time 0 minute.
tcp synwait-time is 30 sec -- tcp finwait-time is 5 sec
tcp idle-time is 3600 sec -- udp idle-time is 30 sec
tcp reassembly queue length 16; timeout 5 sec; memory-limit 1024 kilo bytes
dns-timeout is 5 sec
Inspection Rule Configuration
 Inspection name WAN_FW
    icmp alert is on audit-trail is on timeout 10
        inspection of router local traffic is enabled
    fragment Maximum 256 In Use 0 alert is on audit-trail is on timeout 1
    dns alert is on audit-trail is on timeout 30
    ddns-v3 alert is on audit-trail is on timeout 30
    ftp alert is on audit-trail is on timeout 3600
    ftps alert is on audit-trail is on timeout 3600
    Application Policy name WAN_FW
      Application http
        strict-http action allow alarm
        content-type-verification unknown-type match-req-rsp action allow alarm
        port-misuse tunneling action allow alarm
        transfer-encoding compress action allow alarm
        transfer-encoding identity action allow alarm
        transfer-encoding chunked action allow alarm
        transfer-encoding gzip action allow alarm
        transfer-encoding deflate action allow alarm
        audit-trail is enabled
    http alert is on audit-trail is on timeout 3600
    https alert is on audit-trail is on timeout 3600
    esmtp max-data 20000000 alert is on audit-trail is on timeout 3600
    imap alert is on audit-trail is on timeout 3600
    imap3 alert is on audit-trail is on timeout 3600
    imaps alert is on audit-trail is on timeout 3600
    pop3 alert is on audit-trail is on timeout 3600
    pop3s alert is on audit-trail is on timeout 3600
    ntp alert is on audit-trail is on timeout 30
    sip alert is on audit-trail is on timeout 30
    sip-tls alert is on audit-trail is on timeout 30
    snmp alert is on audit-trail is on timeout 30
    snmptrap alert is on audit-trail is on timeout 30
    rcmd alert is on audit-trail is on timeout 3600
    syslog alert is on audit-trail is on timeout 30
    syslog-conn alert is on audit-trail is on timeout 3600
    tcp alert is on audit-trail is on timeout 3600
        inspection of router local traffic is enabled
    udp alert is on audit-trail is on timeout 30
        inspection of router local traffic is enabled
so queue length is 16 (assuming this is the default as I've never changed it)... after using this router for going on 5 years would it be safe to assume (never safe to assume... lol) that this is a cabling fault or should I up the queue length?
Thanks for your assistance LennonNZ, it is much appreciated :)
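
Added example, not part of any post in this thread: a small Python check that reads the TCP reassembly counters from the statistics output and the configured limits from the inspect configuration output posted above, then reports the out-of-order drop rate and whether the peak queue length or peak memory reached its limit. The function and key names are made up for the example, and treating "peak equals configured limit" as a sign that the limit was reached is an assumption about how the counters relate.

```python
import re

# Constructed sample: the relevant lines copied from the two outputs in this thread.
STATS = """\
TCP reassembly statistics
  received 58430 packets out-of-order; dropped 3413
  peak memory usage 98 KB; current usage: 0 KB
  peak queue length 16
"""
CONFIG = "tcp reassembly queue length 16; timeout 5 sec; memory-limit 1024 kilo bytes\n"


def _num(pattern, text):
    """Return the first captured integer, or fail loudly if the field is missing."""
    m = re.search(pattern, text)
    if m is None:
        raise ValueError(f"field not found: {pattern}")
    return int(m.group(1))


def reassembly_report(stats, config):
    """Compare reassembly counters (statistics) with the configured limits."""
    out_of_order = _num(r"received (\d+) packets out-of-order", stats)
    dropped = _num(r"out-of-order; dropped (\d+)", stats)
    peak_queue = _num(r"peak queue length (\d+)", stats)
    peak_kb = _num(r"peak memory usage (\d+) KB", stats)
    queue_limit = _num(r"reassembly queue length (\d+)", config)
    mem_limit_kb = _num(r"memory-limit (\d+) kilo bytes", config)
    drop_pct = round(100.0 * dropped / out_of_order, 2) if out_of_order else 0.0
    return {
        "out_of_order": out_of_order,
        "dropped": dropped,
        "drop_pct": drop_pct,
        # Assumption: a peak equal to the limit means the limit was reached.
        "queue_hit_limit": peak_queue >= queue_limit,
        "memory_hit_limit": peak_kb >= mem_limit_kb,
    }


if __name__ == "__main__":
    for key, value in reassembly_report(STATS, CONFIG).items():
        print(f"{key}: {value}")
```

The regular expressions do not depend on line breaks, so the function also works on output pasted as a single run of text.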