newbiegb Posted May 13, 2011 · Report post cisco 7301 в роли pppoe терминатора. при отключеном acl загрузка cpu до 50% при 260/200 in/out mbit на интерфейсе, 34/33 in/out kpps. При включении dynamic acl вида Extended IP access list 105 10 Dynamic test1 permit ip any any permit ip host 192.168.110.25 any permit ip host 192.168.108.222 any (4305 matches) permit ip host 192.168.113.211 any на virtual-template1 загрузка сразу прыгает в потолок. Наданный момент 5|5kpps, 25/30mbit и загрузка 50-60%. ios - c7301-is-mz.124-12c.bin конфиг aaa new-model ! ! aaa authentication ppp default group radius aaa authorization network default group radius aaa accounting delay-start aaa accounting network default start-stop group radius ! aaa session-id common clock timezone MSK 3 ip cef bba-group pppoe PPPoE virtual-template 1 sessions per-mac limit 1 sessions per-vlan limit 1000 sessions auto cleanup ! ! interface Loopback0 description PPPoE users ip address 192.168.101.1 255.255.255.255 no ip redirects no ip unreachables no ip proxy-arp ip virtual-reassembly interface GigabitEthernet0/0.10 encapsulation dot1Q 10 no ip redirects no ip unreachables no ip proxy-arp pppoe enable group PPPoE no cdp enable interface Virtual-Template1 mtu 1492 ip unnumbered Loopback0 ip access-group 105 in no ip redirects no ip proxy-arp ip flow ingress ip flow egress ip virtual-reassembly ip tcp adjust-mss 1412 no peer default ip address ppp authentication ms-chap-v2 chap Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Telesis Posted May 13, 2011 · Report post interface Virtual-Template1 mtu 1492 ip unnumbered Loopback0 ip access-group 105 in no ip redirects no ip proxy-arp ip flow ingress ip flow egress ip virtual-reassembly ip tcp adjust-mss 1412 no peer default ip address ppp authentication ms-chap-v2 chap зачем тут "ip virtual-reassembly" Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...
Konstantin Klimchev Posted May 13, 2011 · Report post access-list compiled Вставить ник Quote Ответить с цитированием Share this post Link to post Share on other sites More sharing options...