oddity with vpn tunnel

oddyager

I have a site-to-site VPN tunnel set up between my site and a remote site (1MB link between us). If I download a file from them (no other internet traffic, etc.) via the tunnel, I can see transfers close to that (rate of 120KB). However, if they download a file from me, or I upload a file to them, it's half of that. I looked at the graphics of the ASA firewall at their end and I can clearly see it capping at half of the available bandwidth. I tried toggling MTU and MSS settings on both sides and no effect. :(

Any ideas what is constraining this?

Here is a show run int on both endpoints:

Local Site:
interface Serial1/0
description OUTSIDE
bandwidth 6316
ip address 10.1.1.2 255.255.255.252
ip verify unicast reverse-path
ip virtual-reassembly
rate-limit input access-group 102 3000000 562500 1125000 conform-action continue exceed-action drop
rate-limit input access-group 105 3000000 562500 1125000 conform-action continue exceed-action drop
encapsulation ppp
ip route-cache flow
keepalive 8 3
dsu bandwidth 6316
scramble
crypto map tunnel_map

Remote Site:

interface Ethernet0/0
nameif outside
security-level 0
ip address 20.1.1.1 255.255.255.128
 

spidey07

What are you trying to do with your rate-limit commands?

Your burst min and normal are way too big and probably screwing up the queue. Those values are in bytes and control how the queues are set up and policed. Try just using 8-10% of the bandwidth as a general guide. Soo...

3,000,000/8 = 375000 bytes.
375000B / 10 = 37500

try this for the burst and see what happens. Also "show queue" and "show queueing" will let you know if it's the queue that is doing the dropping to shape the traffic.

rate-limit input access-group 102 3000000 37500 37500 conform-action continue exceed-action drop
 

oddyager

Sorry, my bad for not explaining that portion. The rate-limit stuff is for FTP traffic, which I've designated, so it shouldn't have any effect.