Cisco IOS/NX-OS/etc. software does not configure the bandwidth for a virtual tunnel interface based on the physical interface to which it is assigned; instead, it applies a default "bandwidth" statement to the interface that depends on the model of hardware and the version of software it is running (on many devices the default "BW" for a tunnel is 8kbps!).
As others have mentioned, this bandwidth statement does not actively affect the traffic throughput capability of the tunnel interface; tunnel traffic throughput is limited only by CPU traffic processing capability (if tunnel processing is not being performed in HW; usually not a limitation on most Cisco routers unless this is being performed at scale) and the physical interface forwarding hardware. The only exception would be if BW-based QoS policies or custom routing configurations (e.g. non-default EIGRP implementation) were implemented on the tunnel interface, but based on the config you have shared that does not appear to be the case.
The displayed BW, txload and rxload counters that you are worried about are cosmetic only (unless the QoS/routing scenarios above apply) and will not, on their own, limit traffic throughput in any way. If you want the counters to display accurate information, configure the following on each tunnel interface:
interface tunnel <Tunnel Number> ! e.g. int tu45
bandwidth <BW in kbps> ! e.g. bandwidth 2000000 -(2Gbps)
Routers route between networks. You don't route from one network to the same network: This is probably your problem:
ip route 10.0.11.0 255.255.255.0 10.0.11.251
All your other routes are to 192.168.1.171, a hop on a different network (the firewall inside interface):
ip route 0.0.0.0 0.0.0.0 192.168.1.171
ip route 10.0.11.0 255.255.255.0 10.0.11.251
ip route 172.16.10.0 255.255.255.0 192.168.1.171
ip route 192.168.2.0 255.255.255.0 192.168.1.171
!
You can try this:
ip route 0.0.0.0 0.0.0.0 192.168.1.171
ip route 10.0.11.0 255.255.255.0 192.168.1.171
ip route 172.16.10.0 255.255.255.0 192.168.1.171
ip route 192.168.2.0 255.255.255.0 192.168.1.171
!
Edit:
I guess I don't understand the purpose of the Cisco 1921 router. You are routing the same networks on both the 1921 and the ASA. It looks like you are using the ASA as the DHCP server.
You could remove the 1921 and change DHCP to point the gateways to the ASA itself. Alternatively, you could move DHCP to the 1921 and remove the VLANs from the ASA. In either case, you only need the VLANs on one of the devices, and have the 192.168.1.0/24 link between them (you don't need to use a /24 because a /31 or, more traditionally, a /30).
Using static routing, as you have configured, doesn't scale, and, as you have discovered, causes you to manually make changes, which increases the possibility of problems or errors.
If you want both the router and the ASA, you can use OSPF to exchange routes. The ASA would then inject the default route into OSPF, and the 1921 would inject the VLAN routes into OSPF. Each device would automatically learn the routes from the other device through OSPF.
Based on what you have, I would just eliminate the Cisco 1921 router, and change the gateways provided by the ASA. You would need to make the VLAN interfaces on the ASA be inside interfaces.
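The static-route problem pointed out in the answer above (a next hop that sits inside the network being routed to) can be checked for mechanically. The following is an added example, not part of the original answer: it parses `ip route` lines and flags any route whose next hop falls inside its own destination prefix. The function names are hypothetical, and the sample config is constructed from the routes quoted in the answer.

```python
import ipaddress

# Constructed sample: the static routes quoted in the answer above.
SAMPLE_CONFIG = """\
ip route 0.0.0.0 0.0.0.0 192.168.1.171
ip route 10.0.11.0 255.255.255.0 10.0.11.251
ip route 172.16.10.0 255.255.255.0 192.168.1.171
ip route 192.168.2.0 255.255.255.0 192.168.1.171
!
"""


def parse_static_routes(config):
    """Yield (destination network, next-hop address) for each 'ip route' line."""
    for line in config.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[:2] != ["ip", "route"]:
            continue
        try:
            network = ipaddress.ip_network(f"{fields[2]}/{fields[3]}", strict=False)
            next_hop = ipaddress.ip_address(fields[4])
        except ValueError:
            # Not the plain "prefix mask next-hop" form (exit interface, vrf keyword, ...).
            continue
        yield network, next_hop


def self_referencing_routes(config):
    """Return routes whose next hop is inside the destination prefix itself."""
    flagged = []
    for network, next_hop in parse_static_routes(config):
        # Every address is inside 0.0.0.0/0, so the default route is exempt.
        if network.prefixlen == 0:
            continue
        if next_hop in network:
            flagged.append((str(network), str(next_hop)))
    return flagged


if __name__ == "__main__":
    for network, next_hop in self_referencing_routes(SAMPLE_CONFIG):
        print(f"{network} via {next_hop}: next hop is inside the destination network")
```

Lines that use an exit interface or a `vrf` keyword instead of a next-hop address are skipped rather than guessed at.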
Best Answer
It's a little complex, and also platform specific in some cases. The most general answer is that the bandwidth statement is used as an input to the EIGRP routing protocol.
There are also cases where the bandwidth command can be applied on a main or subinterface and impact QoS calculations.
In general, unless you're running EIGRP and specifically need it, my advice would be to not use the command at all.