[cisco-nas] IP CEF Problem

Rommel Y. Catabian rommel.catabian at eaccelera.com
Sat Jan 24 06:28:05 EST 2004 

Hi,

Instead of Serial via HDSL modem, we requested a Fast Ethernet connection 
from our uplink provider who happens to be on the same floor as our office. 
However, they requested us to do the rate limiting for our subscribed 
bandwidth of 2048Kbps.

As i read it, i need to enable "IP CEF" on the router (Cisco3660) which also 
double as a Remote Access Server, to make rate-limiting work. However, 
the problem is our dial-up connections become slower when I enable ip cef. 

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Here is the IOS version and conf of our router:

CISCO-3660-NAS2#sh version
Cisco Internetwork Operating System Software
IOS (tm) 3600 Software (C3660-IS-M), Version 12.2(2)T4,  RELEASE SOFTWARE 
(fc3)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Sat 09-Feb-02 21:48 by yiyan
Image text-base: 0x600089C0, data-base: 0x61360000

ROM: System Bootstrap, Version 12.0(6r)T, RELEASE SOFTWARE (fc1)

CISCO-3660-NAS2 uptime is 6 weeks, 4 days, 6 hours, 51 minutes
System returned to ROM by power-on
System image file is "flash:c3660-is-mz.122-2.T4.bin"

cisco 3660 (R527x) processor (revision B0) with 253952K/8192K bytes of memory.
Processor board ID JAB041886C2
R527x CPU at 225Mhz, Implementation 40, Rev 10.0, 2048KB L2 Cache
Channelized E1, Version 1.0.
MICA-6DM Firmware: CP ver 2720 - 5/30/2000, SP ver 2720 - 5/30/2000.
Bridging software.
X.25 software, Version 3.0.0.
SuperLAT software (copyright 1990 by Meridian Technology Corp).
Primary Rate ISDN software, Version 1.1.


3660 Chassis type: ENTERPRISE
2 FastEthernet/IEEE 802.3 interface(s)
4 Serial network interface(s)
46 terminal line(s)
2 Channelized E1/PRI port(s)
DRAM configuration is 64 bits wide with parity disabled.
125K bytes of non-volatile configuration memory.
24576K bytes of processor board System flash (Read/Write)

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

 
CISCO-3660-NAS2#sh run >>>>>>>>>(IP CEF DISABLED)
Building configuration...

Current configuration : 7205 bytes
!
version 12.2
no parser cache
service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname CISCO-3660-NAS2
!
boot system flash c3660-is-mz.122-12a.bin
logging rate-limit console 10 except errors
logging monitor informational
aaa new-model
aaa authentication login console none
aaa authentication login vty group radius enable
aaa authentication login li enable
aaa authentication login radius local
aaa authentication ppp default group radius
aaa authorization network default group radius
aaa accounting network default start-stop group radius
enable secret 5 $1$33u0$Q.sl.nbqdiAmkmZh45cJv.
!
username xxxxxxx password 7 08245B4F07120A
username xxxxxxx password 7 060A0E2F48541D1816031B08
username xxxxxxx password 7 02030558080303245E4F
username xxxxxxx password 7 09565B05160A1F081E
username xxxxxxx password 7 00171208025A090F0E2F
!
!
clock timezone GMT+8 8
ip subnet-zero
!
!
ip domain-name eaccelera.ph
ip name-server xxx.xxx.xx.1
ip name-server xxx.xxx.xx.2
ip name-server xxx.xxx.xx.184
!
no ip dhcp-client network-discovery
isdn voice-call-failure 0
call rsvp-sync
!
!
!
!
!
fax interface-type modem
mta receive maximum-recipients 0
!
!
controller E1 2/0
 framing NO-CRC4
 ds0-group 1 timeslots 1-15,17-31 type r2-digital r2-compelled
 cas-custom 1
  country philippines use-defaults
!
controller E1 2/1
!
!
interface FastEthernet0/0
 description **UPLINK CONNECTION**
 ip address 203.190.xx.xx 255.255.255.252
 ip nat outside
 rate-limit input 2048000 4000 4000 conform-action transmit exceed-action drop
 no ip mroute-cache
 duplex auto
 speed auto
 fair-queue
 no cdp enable
!
interface FastEthernet0/1
 ip address 203.190.xx.x 255.255.255.224
 ip nat inside
 no ip mroute-cache
 speed auto
 full-duplex
 no cdp enable
!
interface Group-Async0
 ip unnumbered FastEthernet0/1
 encapsulation ppp
 ip tcp header-compression passive
 no ip mroute-cache
 ip policy route-map cacheraq
 async default routing
 async dynamic routing
 async mode dedicated
 peer default ip address pool DialUpPool1
 ppp authentication pap
 ppp ipcp dns 203.190.xx.x 203.190.xx.x
 group-range 129 158
!
interface Group-Async1
 ip unnumbered FastEthernet0/1
 encapsulation ppp
 ip tcp header-compression passive
 no ip mroute-cache
 ip policy route-map cacheraq
 async default routing
 async dynamic routing
 async mode dedicated
 peer default ip address pool DialUpPool
 ppp authentication pap
 ppp ipcp dns 203.190.xx.x 203.190.xx.x
 group-range 97 112
!
ip local pool DialUpPool 203.190.xx.xx 203.190.xx.xx
ip local pool DialUpPool1 203.190.xx.xx 203.190.xx.xx
ip classless
ip route 0.0.0.0 0.0.0.0 203.190.xx.xx
ip route 203.190.xx.xx 255.255.255.224 Null0 250 (ip route for the dial-up, 
Group Async1)
ip route 203.190.xx.xx 255.255.255.224 Null0 250 (ip route for the dial up, 
Group Async2)
no ip http server
!
ip radius source-interface FastEthernet0/1

!
route-map cacheraq permit 10
 match ip address 110
 set ip next-hop 203.190.XX.XX
!

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>


Please help me. Thank you in advance.

Rommel Y. Catabian
Eaccelera, Incorporated 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-nas/attachments/20040124/62a6caec/attachment.html

More information about the cisco-nas mailing list