[cisco-bba] LNS with 7200 with NPE-G1
Richard Licon (rlicon)
rlicon at cisco.com
Tue Oct 18 17:43:49 EDT 2005
As Dennis mentions, MPF might be a good fit here for this config,
especially since the interfaces appear to be only ethernet.
More can be found here:
http://cisco.com/en/US/partner/products/sw/iosswrel/ps5413/products_feat
ure_guide09186a00804c2d31.html
-----Original Message-----
From: cisco-bba-bounces at puck.nether.net
[mailto:cisco-bba-bounces at puck.nether.net] On Behalf Of Dennis Peng
(dpeng)
Sent: Tuesday, October 18, 2005 11:34 AM
To: Christian Schmit
Cc: cisco-bba at puck.nether.net
Subject: Re: [cisco-bba] LNS with 7200 with NPE-G1
Your config is very basic, I don't see anything that would cause process
switching or something detrimental to the CPU. How much traffic, in
aggregate, are these 200 users pushing (bps and pps)? 16k sessions is a
control-plane limitation, but if you have broadband traffic, you'll hit
the data-plane limit much faster (16k is really for narrowband). MPF can
greatly help improve data-plane performance.
Dennis
Christian Schmit [cschmit at vo.lu] wrote:
>
> We are currently running a test setup using a 7200/G1 device as LNS.
> The telco operates as LAC Juniper ERX devices.
>
> Everything is working as expected but the CPU load on the G1 is quite
> high. Having around 200 PPP sessions on the LNS the CPU load is
> already at 11%. In other words this would mean that around 2000 users
> would put the box to 100% CPU usage which is very far away from the
> advertised 16 000 broadband sessions for the G1.
>
> Running IP-Plus 12.3(16).
>
> Do I have a CPU killer in my config?
>
> Christian
>
>
> My config:
> -----------
> version 12.3
> service timestamps debug datetime msec service timestamps log datetime
> msec service password-encryption no service dhcp !
> hostname LNS
> !
> boot-start-marker
> boot-end-marker
> !
> enable password xxxxxxxxxxxxxxxxxxxxxxxxxx !
> clock timezone GMT 1
> clock summer-time MET recurring last Sun Mar 3:00 last Sun Oct 3:00
> aaa new-model !
> !
> aaa authentication login default enable aaa authentication ppp default
> group radius aaa authorization network default group radius aaa
> accounting delay-start aaa accounting update periodic 240 aaa
> accounting network default start-stop group radius aaa session-id
> common ip subnet-zero no ip source-route !
> !
> ip cef
> no ip domain lookup
> ip name-server xxxxxxxxxxxx
> ip name-server xxxxxxxxxxxx
> !
> vpdn enable
> vpdn ip udp ignore checksum
> !
> vpdn-group 1
> accept-dialin
> protocol l2tp
> virtual-template 1
> terminate-from hostname LAC
> lcp renegotiation on-mismatch
> l2tp tunnel password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> !
> interface Loopback0
> ip address xxxxxxxxxxxxxxxxxxxxx
> !
> interface Loopback1
> ip address xxxxxxxxxxxxxxxxxxxxx
> !
> interface GigabitEthernet0/1
> description Connection to Vlan 13
> ip address xxxxxxxxxxxxxxxxxxxx
> ip ospf message-digest-key 10 md5 7 xxxxxxxxxxxxxxxxxx duplex full
> speed 1000 media-type rj45 no negotiation auto !
> interface GigabitEthernet0/2
> no ip address
> shutdown
> duplex auto
> speed auto
> media-type rj45
> negotiation auto
> !
> interface GigabitEthernet0/3
> no ip address
> shutdown
> duplex auto
> speed auto
> media-type rj45
> negotiation auto
> !
> interface Virtual-Template1
> ip unnumbered Loopback1
> ip tcp adjust-mss 1420
> ip mroute-cache
> peer default ip address pool VODSL
> ppp mtu adaptive
> ppp authentication pap chap
> !
> router ospf 101
> log-adjacency-changes
> area 0 authentication message-digest
> summary-address xxxxxxxxxxxxxxxxxxxx
> summary-address xxxxxxxxxxxxxxxxxxxxx redistribute connected subnets
> redistribute static subnets passive-interface Virtual-Template1
> network xxxxxxxxxxxxxxxxxxx area 0 network xxxxxxxxxxxxxxxxxxx area 0
> !
> ip local pool VODSL xxxxxxxxxxxxxxxxxxxx ip local pool VODSL
> xxxxxxxxxxxxxxxxxxxx ip classless ip route 0.0.0.0 0.0.0.0
> xxxxxxxxxxxxxxxxx ip route xxxxxxxxxxxxxxxxxxxxxxxxx Loopback0 10 ip
> route xxxxxxxxxxxxxxxxxxxxxxxxx Loopback0 10 ip route
> xxxxxxxxxxxxxxxxxxxxxxxxx Loopback0 10 no ip http server !
> !
> access-list 1 permit xxxxxxxxxxxxxxxxx
> access-list 1 deny any
> access-list 50 permit xxxxxxxxxxxxxxxx
> access-list 50 deny any
> no cdp run
> !
> snmp-server community xxxxxxxxxxxxxxxxx RW 1 !
> radius-server attribute nas-port format d radius-server host
> xxxxxxxxxx auth-port 1645 acct-port 1646 key 7 xxxxx
>
> radius-server domain-stripping
> radius-server unique-ident 3
> radius-server vsa send accounting
> !
> !
> gatekeeper
> shutdown
> !
> line con 0
> stopbits 1
> line aux 0
> stopbits 1
> line vty 0 4
> access-class 50 in
> !
> ntp clock-period 17180061
> ntp server xxxxxxxxxxxx
> ntp server xxxxxxxxxxxx
> !
> end
>
>
>
>
>
>
>
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
_______________________________________________
cisco-bba mailing list
cisco-bba at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba
More information about the cisco-bba
mailing list