[cisco-bba] LNS with 7200 with NPE-G1

Richard Licon (rlicon) rlicon at cisco.com
Tue Oct 18 17:43:49 EDT 2005 

As Dennis mentions, MPF might be a good fit here for this config,
especially since the interfaces appear to be only ethernet.
More can be found here:
http://cisco.com/en/US/partner/products/sw/iosswrel/ps5413/products_feat
ure_guide09186a00804c2d31.html 

-----Original Message-----
From: cisco-bba-bounces at puck.nether.net
[mailto:cisco-bba-bounces at puck.nether.net] On Behalf Of Dennis Peng
(dpeng)
Sent: Tuesday, October 18, 2005 11:34 AM
To: Christian Schmit
Cc: cisco-bba at puck.nether.net
Subject: Re: [cisco-bba] LNS with 7200 with NPE-G1

Your config is very basic, I don't see anything that would cause process
switching or something detrimental to the CPU. How much traffic, in
aggregate, are these 200 users pushing (bps and pps)? 16k sessions is a
control-plane limitation, but if you have broadband traffic, you'll hit
the data-plane limit much faster (16k is really for narrowband). MPF can
greatly help improve data-plane performance.

Dennis

Christian Schmit [cschmit at vo.lu] wrote:
> 
> We are currently running a test setup using a 7200/G1 device as LNS. 
> The telco operates as LAC Juniper ERX devices.
> 
> Everything is working as expected but the CPU load on the G1 is quite 
> high. Having around 200 PPP sessions on the LNS the CPU load is 
> already at 11%. In other words this would mean that around 2000 users 
> would put the box to 100% CPU usage which is very far away from the 
> advertised 16 000 broadband sessions for the G1.
> 
> Running IP-Plus 12.3(16).
> 
> Do I have a CPU killer in my config?
> 
> Christian
> 
> 
> My config:
> -----------
> version 12.3
> service timestamps debug datetime msec service timestamps log datetime

> msec service password-encryption no service dhcp !
> hostname LNS
> !
> boot-start-marker
> boot-end-marker
> !
> enable password xxxxxxxxxxxxxxxxxxxxxxxxxx !
> clock timezone GMT 1
> clock summer-time MET recurring last Sun Mar 3:00 last Sun Oct 3:00 
> aaa new-model !
> !
> aaa authentication login default enable aaa authentication ppp default

> group radius aaa authorization network default group radius aaa 
> accounting delay-start aaa accounting update periodic 240 aaa 
> accounting network default start-stop group radius aaa session-id 
> common ip subnet-zero no ip source-route !
> !
> ip cef
> no ip domain lookup
> ip name-server xxxxxxxxxxxx
> ip name-server xxxxxxxxxxxx
> !
> vpdn enable
> vpdn ip udp ignore checksum
> !
> vpdn-group 1
>  accept-dialin
>   protocol l2tp
>   virtual-template 1
>  terminate-from hostname LAC
>  lcp renegotiation on-mismatch
>  l2tp tunnel password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> !
> interface Loopback0
>  ip address xxxxxxxxxxxxxxxxxxxxx
> !
> interface Loopback1
>  ip address xxxxxxxxxxxxxxxxxxxxx
> !
> interface GigabitEthernet0/1
>  description Connection to Vlan 13
>  ip address xxxxxxxxxxxxxxxxxxxx
>  ip ospf message-digest-key 10 md5 7 xxxxxxxxxxxxxxxxxx  duplex full  
> speed 1000  media-type rj45  no negotiation auto !
> interface GigabitEthernet0/2
>  no ip address
>  shutdown
>  duplex auto
>  speed auto
>  media-type rj45
>  negotiation auto
> !
> interface GigabitEthernet0/3
>  no ip address
>  shutdown
>  duplex auto
>  speed auto
>  media-type rj45
>  negotiation auto
> !
> interface Virtual-Template1
>  ip unnumbered Loopback1
>  ip tcp adjust-mss 1420
>  ip mroute-cache
>  peer default ip address pool VODSL
>  ppp mtu adaptive
>  ppp authentication pap chap
> !
> router ospf 101
>  log-adjacency-changes
>  area 0 authentication message-digest
>  summary-address xxxxxxxxxxxxxxxxxxxx
>  summary-address xxxxxxxxxxxxxxxxxxxxx  redistribute connected subnets

> redistribute static subnets  passive-interface Virtual-Template1  
> network xxxxxxxxxxxxxxxxxxx area 0  network xxxxxxxxxxxxxxxxxxx area 0

> !
> ip local pool VODSL xxxxxxxxxxxxxxxxxxxx ip local pool VODSL 
> xxxxxxxxxxxxxxxxxxxx ip classless ip route 0.0.0.0 0.0.0.0 
> xxxxxxxxxxxxxxxxx ip route xxxxxxxxxxxxxxxxxxxxxxxxx Loopback0 10 ip 
> route xxxxxxxxxxxxxxxxxxxxxxxxx Loopback0 10 ip route 
> xxxxxxxxxxxxxxxxxxxxxxxxx Loopback0 10 no ip http server !
> !
> access-list 1 permit xxxxxxxxxxxxxxxxx
> access-list 1 deny   any
> access-list 50 permit xxxxxxxxxxxxxxxx
> access-list 50 deny   any
> no cdp run
> !
> snmp-server community xxxxxxxxxxxxxxxxx RW 1 !
> radius-server attribute nas-port format d radius-server host 
> xxxxxxxxxx auth-port 1645 acct-port 1646 key 7 xxxxx
> 
> radius-server domain-stripping
> radius-server unique-ident 3
> radius-server vsa send accounting
> !
> !
> gatekeeper
>  shutdown
> !
> line con 0
>  stopbits 1
> line aux 0
>  stopbits 1
> line vty 0 4
>  access-class 50 in
> !
> ntp clock-period 17180061
> ntp server xxxxxxxxxxxx
> ntp server xxxxxxxxxxxx
> !
> end
> 
> 
> 
> 
> 
> 
> 
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
_______________________________________________
cisco-bba mailing list
cisco-bba at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba

More information about the cisco-bba mailing list