[c-nsp] Help, one 160kbit/s DSL killing my 7206
Matthew Crocker
matthew at crocker.com
Mon Mar 21 09:11:41 EST 2005
> I turned off the debug logging because I thought the logging
> must be what put the router on its knees, but when I let the
> client log on again (he has to update his antivirus...) all the
> DSL lines fall down again (didn't check ping, CPU seems normal
> on the history, but the problem was fixed sooner though). I'm
> not going to remove the reverse-path verification!
Put an ACL on the outbound port of your 7206 to only allow your subnets
out. Then you can safely remove the reverse-path stuff. The ACL on the
outbound Ethernet should use less CPU than the reverse-path on each
Virtual-Interface.
Is there any way your customer can filter packets at their end of the
DSL line?
More information about the cisco-nsp
mailing list