DenisF Posted June 14, 2005 Posted June 14, 2005 Помогите определиться с покупкой оборудования. сейчас работает 3640 в качестве L2TP Network Server (LNS)терминирование PPP(модем 56К). но вот беда уже при 40-50 пользователях загрузка проца на 100% нужен новый маршрутизатор. но вот какой? может поможете с выбором модели. Вставить ник Quote
smsm Posted June 14, 2005 Posted June 14, 2005 а можно подробнее что/как сделано ? Вставить ник Quote
DenisF Posted June 14, 2005 Author Posted June 14, 2005 lucent MAX TNT принимает звонки пользователей и через L2TP передает на нашу циску. мы их в РРР и дальше в интернет. технология давольно известная. получаеться нечто вроде аренды модемного пула. вот только 3640 нехватает производительности надо 120 клиентов одновременно обслуживать. а тут максимум 50 получаеться. Вставить ник Quote
Прохожий Posted June 14, 2005 Posted June 14, 2005 lucent MAX TNT принимает звонки пользователей и через L2TP передает на нашу циску. мы их в РРР и дальше в интернет.технология давольно известная. получаеться нечто вроде аренды модемного пула. вот только 3640 нехватает производительности надо 120 клиентов одновременно обслуживать. а тут максимум 50 получаеться. Вариантов апгрейда нет... Четких данные по производительности на таких приложениях тоже нет. Смотрите в сторону 38хх серии, вроде модули те же хотя бы можно использовать. Сравнивайте типы и скорости их процессоров - скорее всего загрузка будет довольно линейно расти от абонентов. P.S. Проц - всегда был слабым местом кошек. И это не лечится. Вставить ник Quote
smsm Posted June 14, 2005 Posted June 14, 2005 а 50 юзверей по.. 5 килобайтиков - 250К.. ну да, для проца предел а шифрация ? еще чем-нить она занимается ? а нужно только впн ? http://www.cisco.com/warp/public/765/tools...performance.pdf из новых 28хх скорее всего сейчас 2691 стоит, около 3М тащит.. но на пределе уже. Вставить ник Quote
DenisF Posted June 14, 2005 Author Posted June 14, 2005 ничем больше не занимается, только ВПН Вставить ник Quote
Дятел Posted June 14, 2005 Posted June 14, 2005 http://cisnet.ru/articles/router_speed_1.htm можно посравнивать и повыбирать Вставить ник Quote
DenisF Posted June 14, 2005 Author Posted June 14, 2005 эх, взять бы по тестить у кого..... Вставить ник Quote
Nag Posted June 14, 2005 Posted June 14, 2005 Могу дать потестить АР1000 http://4isp.ru/core.asp?main=catalog&act=page&id=1052 # Скорость IP-форвардинга (нешифрованный трафик): 500 Мбит/с # Пропускная способность (нешифрованный трафик): 200 тыс. пакетов в секунду # Скорость IP-форвардинга (шифрованный трафик 3DES): 155 Мбит/с # Количество туннелей удаленного доступа IPSec: 4000 # Количество туннелей сайт-сайт IPSec: 1000 # Количество туннелей L2TP: 1000 Только сразу скажу - настройка этого зверя - штука нетривиальная после сиски... Вставить ник Quote
DenisF Posted June 14, 2005 Author Posted June 14, 2005 пакупали у вас AP 450. настройка, это песня ещё та..... к примеру сессии рвутся сами по себе и никто помочь не может... и ещё к сожалению он как то с наши радиусом не живёт. по этому лежит себе коробочка в сторонке. по описанию не коробка, сказка. а в жизни.... Вставить ник Quote
Guest Posted June 15, 2005 Posted June 15, 2005 Я бы брал 2851 или если деньги позволяют 3825. Имеет смысл посмтотреть совместимость модулей от 3640 http://www.cisnet.ru/articles/module_crossref.htm Вставить ник Quote
Guest Posted June 15, 2005 Posted June 15, 2005 3620/3640 должна без затей тянуть > 100 VPDN клиентов выключен ip tcp header-comression ли у вас ? нет ли сжатия программного? Какой IOS ? Вставить ник Quote
DenisF Posted June 15, 2005 Author Posted June 15, 2005 кусок конфига vpdn enable vpdn logging vpdn logging local ! vpdn-group 1 ! Default L2TP VPDN group accept-dialin protocol l2tp virtual-template 1 session-limit 255 source-ip ********* local name vpdn_e lcp renegotiation on-mismatch l2tp tunnel hello 0 no l2tp tunnel authentication l2tp tunnel password 7 ****** l2tp tunnel timeout no-session never l2tp ip udp checksum ip pmtu interface Virtual-Template1 ip unnumbered FastEthernet0/0 ip tcp header-compression ip tcp adjust-mss 1420 peer default ip address pool L96 ppp authentication pap chap acl практически нет, пробовали включать шейпер, так она вобше умерала. IOS 3600 Software (C3640-IS-M), Version 12.3(6), RELEASE SOFTWARE (fc3) Вставить ник Quote
DenisF Posted June 15, 2005 Author Posted June 15, 2005 сейчас к примеру Total tunnels 7 sessions 23 загрузка проца 80-90% Вставить ник Quote
DenisF Posted June 15, 2005 Author Posted June 15, 2005 и ещё постоянно валяться вот такие ошибки, от загрузки независят. может знает кто что делать. show vpdn history failure User: *****, MID = 27243 NAS: vpdn_lac, IP address = ***********, CLID = 32603 Gateway: vpdn_e, IP address = ************, CLID = 20821 Log time: Jun 15 14:25:17.517, Error repeat count: 1 Failure type: The remote server closed this session Failure reason: Result 1, Error 0 у юзера это выглидит как модем не ответил вовремя. Вставить ник Quote
DenisF Posted June 15, 2005 Author Posted June 15, 2005 sh int switching FastEthernet0/0 Throttle count 0 Drops RP 23946005 SP 0 SPD Flushes Fast 0 SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 2657618 Drops 0 Protocol IP Switching path Pkts In Chars In Pkts Out Chars Out Process 1513779218 3470478389 1509145510 2974069046 Cache misses 0 - - - Fast 297318101 1629479230 296112087 3138816480 Auton/SSE 0 0 0 0 Protocol ARP Switching path Pkts In Chars In Pkts Out Chars Out Process 409829 24589740 43480 2608800 Cache misses 0 - - - Fast 0 0 0 0 Auton/SSE 0 0 0 0 Protocol CDP Switching path Pkts In Chars In Pkts Out Chars Out Process 0 0 12 3730 Cache misses 0 - - - Fast 0 0 0 0 Auton/SSE 0 0 0 0 Protocol Other Switching path Pkts In Chars In Pkts Out Chars Out Process 15 900 1016069 60964140 Cache misses 0 - - - Fast 0 0 0 0 Auton/SSE 0 0 0 0 Вставить ник Quote
DenisF Posted June 15, 2005 Author Posted June 15, 2005 All statistics for this interface are zero. Virtual-Access2 Protocol IP Switching path Pkts In Chars In Pkts Out Chars Out Process 13589421 1109099482 9203647 1988768056 Cache misses 0 - - - Fast 0 0 0 0 Auton/SSE 0 0 0 0 Protocol Other Switching path Pkts In Chars In Pkts Out Chars Out Process 182 18847 103250 1739987 Cache misses 0 - - - Fast 0 0 0 0 Auton/SSE 0 0 0 0 NOTE: all counts are cumulative and reset only after a reload. Virtual-Access3 Protocol IP Switching path Pkts In Chars In Pkts Out Chars Out Process 13973704 1230251716 9782856 2082024785 Cache misses 0 - - - Fast 0 0 0 0 Auton/SSE 0 0 0 0 Protocol Other Switching path Pkts In Chars In Pkts Out Chars Out Process 239 28247 104525 1760584 Cache misses 0 - - - Fast 0 0 0 0 Auton/SSE 0 0 0 0 Вставить ник Quote
Nailer Posted June 15, 2005 Posted June 15, 2005 Protocol IP Switching path Pkts In Chars In Pkts Out Chars Out Process 13589421 1109099482 9203647 1988768056 Cache misses 0 - - - Fast 0 0 0 0 <- Вот тут вся проблема, циска считает весь траффик от клиентов на процессоре, без кэша и без cef-а. Если добьетесь, чтобы траффик считался на cef-е, то клиентов на 100-120 ее должно хватить.. Покажите: sh ip cef sh cef interface Вставить ник Quote
DenisF Posted June 15, 2005 Author Posted June 15, 2005 sh ip cef Prefix Next Hop Interface 0.0.0.0/0 195.162.56.41 FastEthernet0/0 0.0.0.0/32 receive 192.168.76.16/28 attached FastEthernet0/0 192.168.76.16/32 receive 192.168.76.19/32 192.168.76.19 FastEthernet0/0 192.168.76.21/32 192.168.76.21 FastEthernet0/0 192.168.76.22/32 192.168.76.22 FastEthernet0/0 192.168.76.24/32 receive 192.168.76.25/32 192.168.76.25 FastEthernet0/0 192.168.76.26/32 192.168.76.26 FastEthernet0/0 192.168.76.31/32 receive 192.168.96.1/32 attached Virtual-Access55 192.168.96.4/32 attached Virtual-Access3 192.168.96.8/32 attached Virtual-Access50 192.168.96.11/32 attached Virtual-Access45 192.168.96.17/32 attached Virtual-Access4 192.168.96.36/32 attached Virtual-Access60 192.168.96.51/32 attached Virtual-Access26 192.168.96.52/32 attached Virtual-Access23 192.168.96.55/32 attached Virtual-Access52 192.168.96.62/32 attached Virtual-Access53 192.168.96.64/32 attached Virtual-Access46 192.168.96.76/32 attached Virtual-Access61 - - - 195.162.56.40/29 attached FastEthernet0/0 195.162.56.40/32 receive 195.162.56.41/32 195.162.56.41 FastEthernet0/0 Prefix Next Hop Interface 195.162.56.42/32 195.162.56.42 FastEthernet0/0 195.162.56.43/32 195.162.56.43 FastEthernet0/0 195.162.56.44/32 receive 195.162.56.45/32 195.162.56.45 FastEthernet0/0 195.162.56.46/32 195.162.56.46 FastEthernet0/0 195.162.56.47/32 receive 224.0.0.0/4 drop 224.0.0.0/24 receive 255.255.255.255/32 receive Вставить ник Quote
DenisF Posted June 15, 2005 Author Posted June 15, 2005 sh cef interface FastEthernet0/0 is up (if_number 3) Corresponding hwidb fast_if_number 3 Corresponding hwidb firstsw->if_number 3 Internet address is 195.162.56.44/29 Secondary address 192.168.76.24/28 ICMP redirects are always sent Per packet load-sharing is disabled IP unicast RPF check is disabled Inbound access list is not set Outbound access list is not set IP policy routing is disabled BGP based policy accounting is disabled Hardware idb is FastEthernet0/0 Fast switching type 1, interface type 18 IP CEF switching enabled IP CEF Feature Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 2(2) Slot 0 Slot unit 0 Unit 0 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 FastEthernet0/1 is down (if_number 4) Corresponding hwidb fast_if_number 4 Corresponding hwidb firstsw->if_number 4 Internet Protocol processing disabled Hardware idb is FastEthernet0/1 Fast switching type 1, interface type 18 IP CEF switching enabled IP CEF Feature Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 3(3) Slot 0 Slot unit 1 Unit 1 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 VoIP-Null0 is up (if_number 2) Corresponding hwidb fast_if_number 2 Corresponding hwidb firstsw->if_number 2 Internet Protocol processing disabled Hardware idb is VoIP-Null0 Fast switching type 13, interface type 98 IP CEF switching enabled IP CEF Feature Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 1(1) Slot -1 Slot unit -1 Unit 0 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 Null0 is up (if_number 1) Corresponding hwidb fast_if_number 1 Corresponding hwidb firstsw->if_number 1 Internet Protocol processing disabled Interface is marked as nullidb Packets switched to this interface are dropped to the next slow path: IP extended security options Hardware idb is Null0 Fast switching type 13, interface type 0 IP CEF switching disabled IP Null turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 0(0) Slot -1 Slot unit -1 Unit 0 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 Virtual-Template1 is down (if_number 5) Corresponding hwidb fast_if_number 5 Corresponding hwidb firstsw->if_number 5 Internet address is 0.0.0.0/0 Unnumbered interface. Using address of FastEthernet0/0 (195.162.56.44) ICMP redirects are always sent Per packet load-sharing is disabled IP unicast RPF check is disabled Inbound access list is not set Outbound access list is not set IP policy routing is disabled BGP based policy accounting is disabled Interface is marked as point to point interface Packets switched to this interface are dropped to the next slow path: PPP - not open Hardware idb is Virtual-Template1 Fast switching type 7, interface type 20 IP CEF switching enabled IP CEF Feature Fast switching turbo vector Input fast flags 0x2000000, Output fast flags 0x200000 ifindex 4(4) Slot -1 Slot unit 1 Unit 1 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 Virtual-Access1 is down (if_number 6) Corresponding hwidb fast_if_number 6 Corresponding hwidb firstsw->if_number 6 Internet Protocol processing disabled Interface is marked as point to point interface Hardware idb is Virtual-Access1 Fast switching type 7, interface type 21 IP CEF switching enabled IP CEF Feature Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 5(5) Slot -1 Slot unit 1 Unit 1 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 Virtual-Access1.1 is down (if_number 7) Corresponding hwidb fast_if_number 6 Corresponding hwidb firstsw->if_number 6 Internet Protocol processing disabled Interface is marked as point to point interface Hardware idb is Virtual-Access1 Fast switching type 7, interface type 21 IP CEF switching enabled IP CEF Feature Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 5(5) Slot -1 Slot unit 1 Unit 1 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 Virtual-Access2 is down (if_number 8) Corresponding hwidb fast_if_number 8 Corresponding hwidb firstsw->if_number 8 Internet Protocol processing disabled Interface is marked as point to point interface Packets switched to this interface are dropped to the next slow path: IP Header Compression (RTP) Hardware idb is Virtual-Access2 Fast switching type 7, interface type 21 IP CEF switching enabled IP CEF Feature Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 6(6) Slot -1 Slot unit 2 Unit 2 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 Virtual-Access3 is up (if_number 9) Corresponding hwidb fast_if_number 9 Corresponding hwidb firstsw->if_number 9 Internet address is 0.0.0.0/0 Unnumbered interface. Using address of FastEthernet0/0 (195.162.56.44) ICMP redirects are always sent Per packet load-sharing is disabled IP unicast RPF check is disabled Inbound access list is not set Outbound access list is not set IP policy routing is disabled BGP based policy accounting is disabled Interface is marked as point to point interface Packets switched to this interface are dropped to the next slow path: IP Header Compression (RTP) Hardware idb is Virtual-Access3 Fast switching type 7, interface type 21 IP CEF switching disabled IP Null turbo vector Input fast flags 0x2000000, Output fast flags 0x200000 ifindex 7(7) Slot -1 Slot unit 3 Unit 3 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 Virtual-Access4 is down (if_number 10) Corresponding hwidb fast_if_number 10 Corresponding hwidb firstsw->if_number 10 Internet Protocol processing disabled Interface is marked as point to point interface Packets switched to this interface are dropped to the next slow path: IP Header Compression (RTP) Hardware idb is Virtual-Access4 Fast switching type 7, interface type 21 IP CEF switching enabled IP CEF Feature Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 8(8) Slot -1 Slot unit 4 Unit 4 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 Virtual-Access5 is down (if_number 11) Corresponding hwidb fast_if_number 11 Corresponding hwidb firstsw->if_number 11 Internet Protocol processing disabled Interface is marked as point to point interface Packets switched to this interface are dropped to the next slow path: IP Header Compression (RTP) Hardware idb is Virtual-Access5 Fast switching type 7, interface type 21 IP CEF switching enabled IP CEF Feature Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 9(9) Slot -1 Slot unit 5 Unit 5 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 Virtual-Access6 is up (if_number 12) Corresponding hwidb fast_if_number 12 Corresponding hwidb firstsw->if_number 12 Internet address is 0.0.0.0/0 Unnumbered interface. Using address of FastEthernet0/0 (195.162.56.44) ICMP redirects are always sent Per packet load-sharing is disabled IP unicast RPF check is disabled Inbound access list is not set Outbound access list is not set IP policy routing is disabled BGP based policy accounting is disabled Interface is marked as point to point interface Packets switched to this interface are dropped to the next slow path: L2X Hardware idb is Virtual-Access6 Fast switching type 7, interface type 21 IP CEF switching enabled IP CEF Feature Fast switching turbo vector Input fast flags 0x2000000, Output fast flags 0x200000 ifindex 10(10) Slot -1 Slot unit 6 Unit 6 VC -1 Transmit limit accumulator 0x0 (0x0) IP MTU 1500 Virtual-Access7 is down (if_number 13) Corresponding hwidb fast_if_number 13 Corresponding hwidb firstsw->if_number 13 Internet Protocol processing disabled Interface is marked as point to point interface Packets switched to this interface are dropped to the next slow path: L2X Hardware idb is Virtual-Access7 Fast switching type 7, interface type 21 IP CEF switching enabled IP CEF Feature Fast switching turbo vector Input fast flags 0x0, Output fast flags 0x0 ifindex 11(11) и так далее.... как добиться то Если добьетесь, чтобы траффик считался на cef-е, то клиентов на 100-120 ее должно хватить как добиться то Вставить ник Quote
Nailer Posted June 15, 2005 Posted June 15, 2005 DenisF, еще sh ip int в части Virtual-Templatе и Virtaul-Access интерфейсов. Вставить ник Quote
DenisF Posted June 15, 2005 Author Posted June 15, 2005 sh ip int FastEthernet0/1 is up, line protocol is down Internet protocol processing disabled Virtual-Access1 is down, line protocol is down Internet protocol processing disabled Virtual-Template1 is down, line protocol is down Interface is unnumbered. Using address of FastEthernet0/0 (195.162.56.44) Broadcast address is 255.255.255.255 MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Local Proxy ARP is disabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is enabled IP fast switching on the same interface is enabled IP Flow switching is disabled IP CEF switching is enabled IP CEF Feature Fast switching turbo vector IP multicast fast switching is disabled IP multicast distributed fast switching is disabled IP route-cache flags are Fast, CEF Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is disabled RTP/IP header compression is disabled Policy routing is disabled Network address translation is disabled WCCP Redirect outbound is disabled WCCP Redirect inbound is disabled WCCP Redirect exclude is disabled BGP Policy Mapping is disabled Virtual-Access2 is up, line protocol is up Interface is unnumbered. Using address of FastEthernet0/0 (195.162.56.44) Broadcast address is 255.255.255.255 Peer address is 192.168.96.241 MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Local Proxy ARP is disabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is disabled IP fast switching on the same interface is disabled IP Flow switching is disabled IP CEF switching is disabled IP Null turbo vector IP multicast fast switching is disabled IP multicast distributed fast switching is disabled IP route-cache flags are Fast, CEF Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is enabled and compressing RTP/IP header compression is disabled Policy routing is disabled Network address translation is disabled WCCP Redirect outbound is disabled WCCP Redirect inbound is disabled WCCP Redirect exclude is disabled Вставить ник Quote
Nailer Posted June 15, 2005 Posted June 15, 2005 DenisF, Может и никак :-) cef штука специфичная, некоторые фичи с ним не работают, хоть убейся.. Вставить ник Quote
.png.5d2afa2996cc6a85d0f2c09b92dd0a28.png)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.