[c-nsp] 12.2(33)SRA is finally out!
Tim Stevenson
tstevens at cisco.com
Tue Jun 27 11:39:47 EDT 2006
The model is that the ACL TCAM is programmed to punt just initial TCP
SYN packets to the RP CPU so the MSS can be modified as it transits the router.
Yes, this has implications for the CPU utilization in the face of
heavy SYN traffic - you can configure the ACL bridge input rate
limiter on PFC3 to rate limit traffic punted due to an ACL bridge
result (mls rate-limit unicast acl input <rate>), but doing so could
be a tradeoff between CPU & session establishment time.
Thanks,
Tim
At 04:27 AM 6/27/2006, Ian Henderson submitted:
>On Sun, 25 Jun 2006, Asbjorn Hojmark - Lists wrote:
>
> > I don't know for sure, but I don't see how it could be. The MSS is a TCP
> > option, and when it's changed, you have to recalculate headers checksums
> > etc.
>
>That's why I posted the question - it sounded an odd thing to add.
>
>Since posting, our Cisco SE has told us that a number of the features in
>SRA were crossported from the 7200, possibly including CEF based Adjust
>MSS.
>
>--
>Ian Henderson, CCIE #14721
>Senior Network Engineer, iiNet Limited
>_______________________________________________
>cisco-nsp mailing list cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
Tim Stevenson, tstevens at cisco.com
Routing & Switching CCIE #5561
Technical Marketing Engineer, Catalyst 6500
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759
********************************************************
The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.
More information about the cisco-nsp
mailing list