Fw: [c-nsp] A Stable BRAS IOS? + performance

Osama I. Dosary oid at saudi.net.sa
Tue Dec 7 03:37:59 EST 2004 

What about the12.3 B-train? Wasn't that designed for such services?
/Osama

Brad Bonin wrote:

>Without looking at the config or processes, it could be a number of things including the way you handle routing.  May be best to
>open a TAC case and let them review your config/processes/memory usage.
>
>I think the best place to be is 12.3 mainline, which supports G-1.  12.3T provides some enhancements, especially if SSG is used.  If
>you just need the basics (L2TP, PPP termination, etc.), then stick with 12.3.  The end game is to go to 12.3 GD when it is
>available.
>
>brad at cisco.com 
>
>-----Original Message-----
>From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Osama I. Dosary
>Sent: Monday, December 06, 2004 8:01 AM
>To: cisco-nsp at puck.nether.net
>Subject: Re: Fw: [c-nsp] A Stable BRAS IOS? + performance
>
>Thanks Gyebnár,
>But we are using a keepalive of 60 seconds!
>Could it be the fragmentation that is causing low performance?
>How can I tell?
>"sh ip traffic" gives absolute values. What is a high fragmentation rate or percentage?
>#sh ip traffic Output:
>IP statistics:
>  Rcvd:  206704290 total, 58613783 local destination
>         7947 format errors, 7 checksum errors, 79 bad hop count
>         0 unknown protocol, 35440 not a gateway
>         0 security failures, 0 bad options, 12419 with options
>  Opts:  0 end, 0 nop, 0 basic security, 0 loose source route
>         0 timestamp, 0 extended security, 0 record route
>         0 stream ID, 0 strict source route, 12419 alert, 0 cipso, 0 ump
>         0 other
>  Frags: 276689 reassembled, 575 timeouts, 0 couldn't reassemble
>         9383185 fragmented, 0 couldn't fragment
>
>Gyebnár Krisztián wrote:
>
>  
>
>>Hi,
>>
>>We running on 12.3.10a on our NPE-G1 without any problem, the
>>performance:
>>~3000 users, no fragmantation(fully 1552 byte MTU path from the LAC to
>>LNS)
>>250Mbit/sec bidirectional taraffic and the cpu about 55-60%, also only 
>>L2TP and PPP session termination is going on.
>>
>>Important: check the keepalive time because the default is 10 seconds 
>>:-(, this cause many overhead on the Network, CPU...
>>we set up this to 30s and the performance is much better :-)
>>
>>Krisztián
>>
>>    
>>
>>>----- Original Message ----- From: "Osama I. Dosary" 
>>><oid at saudi.net.sa>
>>>To: <cisco-nsp at puck.nether.net>
>>>Sent: Monday, December 06, 2004 7:50 AM
>>>Subject: Re: [c-nsp] A Stable BRAS IOS? + performance
>>>
>>>
>>>      
>>>
>>>>Robert E.Seastrom wrote:
>>>>
>>>>        
>>>>
>>>>>"Osama I. Dosary" <oid at saudi.net.sa> writes:
>>>>>
>>>>>
>>>>>          
>>>>>
>>>>>>Hello,
>>>>>>
>>>>>>We are using Cisco routers (NPE-G1) as a NAS and LNS. No PVCs are 
>>>>>>terminated on these routers, only L2TP and PPP session termination 
>>>>>>is going on.
>>>>>>
>>>>>>We have having difficulting finding a stable IOS to run on these 
>>>>>>routers.
>>>>>>
>>>>>>Does anyone know of a good stable IOS they have been using for the 
>>>>>>same/similar purpose, and recommend?
>>>>>>
>>>>>>            
>>>>>>
>>>>>I've been using c7200-js-mz.123-8.T4.bin for about six weeks now as 
>>>>>an LNS; while it's not GD it runs quite nicely on an NPE300 and I 
>>>>>believe will run on your G1 as well.  Our load peaks at a little 
>>>>>over 1600 simultaneous users, 55% CPU, 50 Mbit aggregate (up + 
>>>>>down) traffic through router (your mileage will obviously vary 
>>>>>since you have a much more studly CPU).  CPU load is slightly 
>>>>>inflated because of outstanding issues with a few hosts that are 
>>>>>moving oversized L2TP packets that get fragmented and need 
>>>>>reassembly to pop the PPPoE frame (fragment reassembly is most 
>>>>>assuredly *not* in the fast switching path).
>>>>>
>>>>>
>>>>>          
>>>>>
>>>>On our NPE-G1 (for Dialup) load peaks at ~3000 users, 110Mbps 
>>>>(up+down) traffic and CPU util is about 80%. I feel like we are 
>>>>doing something wrong, according to Cisco docs, this router should 
>>>>be able to handle tons more.
>>>>
>>>>Even when we used to run NPE-300s for dialup, it could not handle 
>>>>more than 900 sessions, with CPU over 90%. What could be the reason?
>>>>We used various IOS versions, without much difference in 
>>>>performance. We noticed that when the B-train version is used we 
>>>>save about 5-10% on CPU cycles. But it is still far from the router 
>>>>specifications.
>>>>
>>>>Could this be a matter of fragmentation of the L2TP packets that 
>>>>could be causing bad performance.
>>>>Any ideas?
>>>>
>>>>
>>>>-Osama
>>>>
>>>>
>>>>        
>>>>

More information about the cisco-nsp mailing list