Networking diagram: AR46--6506R-INTERNET
The AR46 is connected to the 6506R through the 100M electrical interface and the 6506R is connected to the upstream Internet.
When the NAT traversal is enabled on the AR46, users have difficulty in opening the webpage each night after 9 pm. At this time, a great number of resource errors occur on the interface connected to the 6506R and the CPU utilization is high.
1. Check that the data is correctly configured.
2. The software version of the router is found as VRP(R) software, Version 3.40, Release RT-0009. It is suspected that the version is too low and thus the system software is upgraded to the latest version. However, the resource error still occurs in the service peak hours and the Internet access of users is still affected.
3. After observation for a few days, it is found out that a great number of resource errors occur when the volume of incoming traffic on the interface connecting the AR46 to the 6506R exceeds 38M bits/sec. The maximum value of the bandwidth is 39.7M bits/sec. After confirmation with employees of the deployment site, the actual bandwidth between the AR46 and the 6506R is 40 M bit/sec. It is thus primarily concluded that the problem is caused by insufficient bandwidth.
To further locate the problem, the bandwidth for transmitting resources is increased to 100 M bits/sec. Observe information about the AR46 at the peak hour and it is found out that the incoming traffic to the 6506R from the AR46 is 100M bit/sec. At this time, the number of resource errors does not increase and the Internet access of users attached to the AR46 is normal. The users can also normally download files.
Because the user only pays for the bandwidth of 40M bits/sec at the present time, the problem cannot be solved by increasing the link bandwidth. Therefore, the only solution is to control the bandwidth by performing restrictions on the AR46. Users attached to the AR46 are mainly personal online users and it has been found out that a great number of traffic on the network is caused by BT downloading files. To reduce the number of TCP connections, the number of NAT sessions on the AR46 is restricted. In addition, run the nat aging-time tcp 600 command on the AR46 to reduce the aging time of the user NAT.
After the preceding setting, the volume of user traffic is reduced to about 20M and the resource error does not occur at the service peak hour. The Internet access of users attached to the AR46 is also normal. Thus, the problem is solved.
1. Data configuration
3. Traffic volume
Resource Error is defined as follows: A buffer area should be applied for when the packets received by the Ethernet chip are sent to the CPU. When detecting that the current buffer area is invalid, the Ethernet chip sends the Resource Error message to the CPU. When the Ethernet chip receives packets at a rapid speed, the time for extracting packets from the buffer area may not keep up. At this time, the buffer queue is filled with occupied buffers and the Resource error occurs when the next packet is processed.
When the link is congested, the AR46 cannot process excessive TCP retransmission packets in time. This results in high CPU utilization and a great number of Resource Errors on the port. As a result, the speed of Internet access of users is slow.
When a great number of resource errors occur, note whether the transmission resource is congested.