Layer 4 redirect scaling – Cisco 10000 User Manual
Page 64
2-4
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 2 Scalability and Performance
Scaling Enhancements in Cisco IOS Release 12.2(33)SB
–
For Cisco IOS Release 12.3(7)XI, ACLs defined through SSG configuration (RADIUS) are
restricted to mini-ACLs only. Turbo ACLs cannot be used in combination with SSG and
RADIUS. If you apply a Turbo ACL to an SSG session, the following syslog error is generated:
“%C10K_ACLS-3-SSG_TURBO_ACL: acl is a Turbo ACL and cannot be used for SSG.”
Note
If a mini-ACL is on the verge of becoming a turbo ACL (that is, the ACL contains eight
access control entries), SSG redirection can cause the mini-ACL to become a turbo ACL.
For Cisco IOS Release 12.3(7)XI, this change would also cause a syslog error to be
generated as follows: “%C10K_ACLS-3-SSG_ACL_ERR: acl is miniACL but cannot have
another punt rule added.”
•
The Cisco 10000 series router supports a maximum of 2,000 authentication, authorization, and
accounting (AAA) method lists. If you configure more than 2,000 AAA method lists by using the
aaa authentication ppp or aaa authorization network command, traceback messages appear on
the console.
•
To avoid CPU overload and router instability, use the logging rate-limit command to limit the rate
that the Cisco 10000 series router logs system messages. For more information, see the logging
rate-limit command in the Cisco IOS Configuration Fundamentals and Network Management
Command Reference, Release 12.3, located at the following URL:
•
The Cisco 10000 series router high-speed interfaces work efficiently to spread traffic flows equally
over the queues. However, using single traffic streams in a laboratory environment might result in
less-than-expected performance. To ensure accurate test results, test the throughput of the Gigabit
Ethernet, OC-48 POS, or ATM uplink with multiple source or destination addresses. To determine
if traffic is being properly distributed, use the show pxf cpu queue command.
•
The Cisco 10000 series router supports a configuration file of up to 16 megabytes.
•
If you configure create on demand PVCs (individual and within a range) and PPP sessions, RP CPU
utilization can be extremely high when bringing up and tearing down sessions and PVCs. This usage
is a concern only when the configuration contains approximately 30,000 PPP sessions, and
additional services are enabled (such as DBS, ACLs, and service policies).
To reduce the RP CPU usage for PPPoA sessions, reduce the number of configured PVCs in a single
subinterface. To reduce the RP CPU usage for PPPoEoA sessions, use call admission control (call
admission limit command).
Scaling Enhancements in Cisco IOS Release 12.2(33)SB
Cisco IOS Release 12.2(33)SB provides increased scalability for the Layer 4 Redirect feature.
Layer 4 Redirect Scaling
The Layer 4 Redirect feature allows redirection of users' TCP or UDP traffic to a server to control and
increase performance. In Cisco IOS Release12.2(33)SB, the ISG L4R feature is implemented in the PXF.
This design increases the number of redirects to provide higher scalability and performance. This
enhancement is a scalable solution for portals and self-provisioning and is supported on PRE3 and PRE4
only. On a PRE2 L4R translations are done in the RP.