Re: [nsp] tcp intercept and CPU

• Next message: Daniele Orlandi: "Periodic slowness"
• Previous message: Siva Valliappan: "Re: [nsp] tcp intercept and CPU"
• Maybe in reply to: Hank Nussbacher: "[nsp] tcp intercept and CPU"
• Next in thread: Rubens Kuhl Jr.: "RE: [nsp] tcp intercept and CPU"
• Reply: Rubens Kuhl Jr.: "RE: [nsp] tcp intercept and CPU"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

7206VSR/NSE or ESR 10000 8-)

This seems to be what Cisco is positioning for higher end applications
where you have to actually look at packets. We have a couple of the
NSE'd 7206, but haven't done anything with them yet.

Beyond that I think there's supposed to be a "high touch" engine on
the way to plug in the 6500 switch chassies.

Whether Cisco will every squeeze out a VIP-8 or VIP-X for the 7500
series that can keep up with the performance developments for the
7206 and other toys is doubtful, I'd suspect that resources are
being focused on newer platforms needed to preserve Cisco market
position and profit margins aginst Juniper and other "next generation"
competetion on the horizon.

What usually happens is that developments/upgrades that were on the
roadmap for a product family are delayed, if they're finally released
sales are lackluster because they're behind the curve, and evetually
things that we in design, lab or test quietly vanish.

                                                George

> From cisco-nsp-request@puck.nether.net Sat Oct 28 13:28:11 2000
> Resent-Date: Sat, 28 Oct 2000 13:23:44 -0400
> Received-Date: Sat, 28 Oct 2000 13:20:52 -0400
> X-Sender: hank@max.ibm.net.il
> Date: Sat, 28 Oct 2000 19:20:28 +0200
> To: cisco-nsp@puck.nether.net
> From: Hank Nussbacher <hank@att.net.il>
> In-Reply-To: <200010211252.FAA28980@sj-cse-425.cisco.com>
> References: <20001021073214.A372@southwind.net>
> Subject: [nsp] tcp intercept and CPU
> Resent-From: cisco-nsp@puck.nether.net
> X-Mailing-List: <cisco-nsp@puck.nether.net> archive/latest/4157
> X-Loop: cisco-nsp@puck.nether.net
> Precedence: list
> Resent-Sender: cisco-nsp-request@puck.nether.net
>
> Running on a Cisco 7507 [RSP4, ip cef], with IOS 12.0(11). CPU was at
> 15%. After turning on tcp intercept CPU runs around 40-50%. Typical level
> of SYNs runs around:
>
> dexamol#sho tcp inter stat
> Intercepting new connections using access-list 120
> 34 incomplete, 292 established connections (total 326)
> 367 connection requests per minute
>
> Does anyone know how to reduce CPU when running tcp intercept?
>
> -Hank
>
>
> `V

• Next message: Daniele Orlandi: "Periodic slowness"
• Previous message: Siva Valliappan: "Re: [nsp] tcp intercept and CPU"
• Maybe in reply to: Hank Nussbacher: "[nsp] tcp intercept and CPU"
• Next in thread: Rubens Kuhl Jr.: "RE: [nsp] tcp intercept and CPU"
• Reply: Rubens Kuhl Jr.: "RE: [nsp] tcp intercept and CPU"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:20 EDT