[nsp] PLZZZZZZZZZ reply

Vincent De Keyzer vincent at dekeyzer.net
Fri Oct 24 08:51:09 EDT 2003 

Are you sure that the CAR is copied from the Group-Async to the single
Async instance? Are you sure you can CAR a template?

I wouldn't know how to check this; I imagine "sh run int as 64" won't
work...

Maybe "sh ip int as 64" shows something about CAR?...

V

> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net 
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of raz
> Sent: samedi 25 octobre 2003 2:46
> To: cisco-nsp at puck.nether.net
> Subject: [nsp] PLZZZZZZZZZ reply
> 
> 
> Hi there,
> 
>  I am using Cisco As5300 with 120 ports MICA modem and 4 E1 
> interfaces.
> as we are using it for an ISP, to avoid improper uploads 
> generated from dialup users due to worms like blaster and 
> welchia we have tried to stop this upload with CAR command 
> though the command seems to be working but when we check an 
> infected user its upload goes beyond 70 kbps which shouldnt 
> happen if there is proper CAR command implementation.
> I am pasting the CAR configuation in our AS5300.
> 
> 
> interface Group-Async1
>  ip unnumbered FastEthernet0
>  ip access-group 100 in
>  ip access-group 100 out
>  no ip directed-broadcast
>  rate-limit input 8000 8000 9000 conform-action transmit 
> exceed-action drop
>  rate-limit output 32000 8000 9000 conform-action transmit 
> exceed-action drop
>  encapsulation ppp
>  ip tcp header-compression passive
>  async mode interactive
>  peer default ip address pool setup_pool
>  no fair-queue
>  ppp authentication pap
>  ppp multilink
>  group-range 1 120
> 
> according to this CAR configuration the upload shouldnt go 
> higher then 9kbps but infact it goes more than 70kbps as you 
> can see below its more then 9kbps 
> 
> geonet-ds1#show in as 64
> Async64 is up, line protocol is up
>   modem(slot/port)=2/3, state=CONNECTED
>   dsx1(slot/unit/channel)=0/0/4, 
> status=VDEV_STATUS_ACTIVE_CALL.VDEV_STATUS_ALLOCATED.
>   Hardware is Async Serial
>   Interface is unnumbered. Using address of FastEthernet0 
>   MTU 1500 bytes, BW 115 Kbit, DLY 100000 usec,
>      reliability 255/255, txload 2/255, rxload 126/255
>   Encapsulation PPP, loopback not set
>   Keepalive not set
>   DTR is pulsed for 5 seconds on reset
>   LCP Open, multilink Open
>   Last input 00:00:00, output 00:00:00, output hang never
>   Last clearing of "show interface" counters 1w6d
>   Queueing strategy: fifo
>   Output queue 0/10, 9441 drops; input queue 3/10, 0 drops
>   5 minute input rate 57000 bits/sec, 75 packets/sec
>   5 minute output rate 1000 bits/sec, 2 packets/sec
>      3963840 packets input, 352277595 bytes, 0 no buffer
> 
> So i would like to know where i am making the mistake and why 
> the CAR is not functioning as we want it to function.
> 
> would appreciate your help
> 
> Best  regards
> 
> 
> Raz 
> Geonet.
> Pakistan.
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list