The bandwidth on the S0 interface is "BW 2048 Kbit" which is higher than a T1. This doesnt have any negative impact per say but it does change the routers perceived load. The router says it is using a "rxload of 188/255” But this is assuming it has 2048K. A T1 is only 1.544 MB, so the real rxload is higher than that.
The first step I would take is to put a sniffer online and discover what machines are doing the most bandwidth, what protocols are doing the most bandwidth. And then decide if this is acceptable to you. If the chatty stuff is needed, then upgrade bandwidth or live with it. The PIX NAT shouldnt be a problem unless you have more than 30 internet speaking host, do you? Mitchell ____________________________________________________ http://www.attackprevention.com Information Security documents, articles, and policy > Hi, all > > I am relatively new to this field. We have full T1 > but the internet speed is very slow. > Sometimes it's even slower than dial-up speed when > downloading files. > E1 E0 E0 s0 > Switch --- PIX ------Cisco 2600 Router------Internet > > (E1 and E0 are Ethernet Interface and S0 is serial > interface) (please see the following status on s0) > > Serial0/0 is up, line protocol is up > Hardware is QUICC Serial > Internet address is X.X.X.X/30 > MTU 1500 bytes, BW 2048 Kbit, DLY 20000 usec, > reliability 255/255, txload 26/255, rxload > 188/255 > Encapsulation HDLC, loopback not set > Keepalive set (10 sec) > Last input 00:00:02, output 00:00:00, output hang > never > Last clearing of "show interface" counters never > Input queue: 0/75/9199/0 (size/max/drops/flushes); > Total output drops: 3307 > Queueing strategy: weighted fair > Output queue: 0/1000/64/3307 (size/max > total/threshold/drops) > Conversations 0/57/256 (active/max active/max > total) > Reserved Conversations 0/0 (allocated/max > allocated) > 30 second input rate 1510000 bits/sec, 235 > packets/sec > 30 second output rate 214000 bits/sec, 173 > packets/sec > 76598509 packets input, 1523011153 bytes, 0 no > buffer > Received 104544 broadcasts, 0 runts, 0 giants, 0 > throttles > 1 input errors, 0 CRC, 1 frame, 0 overrun, 0 > ignored, 0 abort > 66685034 packets output, 4044743843 bytes, 0 > underruns > 0 output errors, 0 collisions, 1 interface resets > 0 output buffer failures, 0 output buffers > swapped out > 0 carrier transitions > DCD=up DSR=up DTR=up RTS=up CTS=up > > I checked the S0 interface status on the internet > router. What info does the above indicate? > What does input and output packets mean in case > internal users download files from internet? > > I really do not know how to find out where all traffic > are from? I bet there are lots of downloads > from internet. Where should I start? > > BTW, we have one block class C public address. But > the PIX only use 30 for NAT and one > global pool address: > global (outside) 1 x.x1.x2.201-x.x1.x2.230 > global (outside) 1 x.x1.x2.200 > > Could this cause the slowness on internet speed also? > > Thanks in advance, > > Jane --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
