Bandwidth usage on PIX to PIX ipsec vpn tunnels

Discussion in 'Cisco' started by Paul McLaren, Jul 16, 2003.

  1. Paul McLaren

    Paul McLaren Guest

    Hi,

    Anyone know a easy (and reasonably accurate) way to measure bandwidth of VPN
    tunnels terminating on a PIX.

    I have one main site with mulitple remote sites on a hub/spoke style.

    Thanks

    Paul
     
    Paul McLaren, Jul 16, 2003
    #1
    1. Advertisements

  2. Paul McLaren

    Paul McLaren Guest

    Walter,

    Thanks for the reply.

    I had never heard of ttcp but initial looks like it would do the job, I
    would need to set up some sort of 'logging' as the overall point of the
    exercise is to check a 2meg link is not peaking too much and if so who is
    the 'culprit'.

    I wasn't over concerned about the PIX being pushed too hard, I am sure it
    could handle the traffic even at the central site, also it has a 3640 as all
    local hosts default gtwy at the central site so the inside interface
    shouldn't be pushed either.

    Regards

    Paul
     
    Paul McLaren, Jul 16, 2003
    #2
    1. Advertisements

  3. :I had never heard of ttcp but initial looks like it would do the job, I
    :would need to set up some sort of 'logging' as the overall point of the
    :exercise is to check a 2meg link is not peaking too much and if so who is
    :the 'culprit'.

    Some items you may wish to consider fetching via SNMP:

    enterprises.cisco.ciscoMgmt.ciscoProcessMIB.ciscoProcessMIBObjects.cpmCPU.cpmCPUTotalTable.cpmCPUTotalEntry.cpmCPUTotalPhysicalIndex.1
    enterprises.cisco.ciscoMgmt.ciscoProcessMIB.ciscoProcessMIBObjects.cpmCPU.cpmCPUTotalTable.cpmCPUTotalEntry.cpmCPUTotal5sec.1
    enterprises.cisco.ciscoMgmt.ciscoProcessMIB.ciscoProcessMIBObjects.cpmCPU.cpmCPUTotalTable.cpmCPUTotalEntry.cpmCPUTotal1min.1
    enterprises.cisco.ciscoMgmt.ciscoProcessMIB.ciscoProcessMIBObjects.cpmCPU.cpmCPUTotalTable.cpmCPUTotalEntry.cpmCPUTotal5min.1

    Those are .1.3.6.1.4.1.9.9.109.1.1.1.1.[2-5].1


    enterprises.cisco.ciscoMgmt.ciscoMemoryPoolMIB.ciscoMemoryPoolObjects.ciscoMemoryPoolTable.ciscoMemoryPoolEntry.ciscoMemoryPoolUsed.1
    enterprises.cisco.ciscoMgmt.ciscoMemoryPoolMIB.ciscoMemoryPoolObjects.ciscoMemoryPoolTable.ciscoMemoryPoolEntry.ciscoMemoryPoolFree.1

    ..1.3.6.1.4.1.9.9.48.1.1.1.[56].1


    Walk .1.3.6.1.4.1.9.9.147.1.2.2.1.1 for memory buffer information.
    [There are descriptions buried in there.]


    If you turn on syslog at 'debug' level, then messages
    %PIX-6-302002 [before PIX 6.2] and %PIX-6-302014 [as of PIX 6.2]
    report the duration and byte transfer count of TCP connections -- so
    you can scan the syslog and calculate individual connection bandwidths.

    Also as of PIX 6.2, %PIX-6-302016 reports duration and byte transfer
    count for UDP connections. The UDP teardown message prior to 6.2,
    %PIX-6-302006, did not have the duration or the transfer count.
     
    Walter Roberson, Jul 17, 2003
    #3
  4. Paul McLaren

    Paul McLaren Guest

    Walter,

    Cheers,

    That appears more up my street, I have several SNMP capable programs
    available,

    Thanks for the assistance.

    Regards

    Paul
     
    Paul McLaren, Jul 17, 2003
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.