-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 List,
> I will work on it and report the results accordingly. > As promised - here comes the report.... 1) I have reworked the ACL to introduce the "shortcuts" like "permit tcp any any established" and permiting all traffic to customer pools upfront. It looks like the majority of traffic is now permited and about 8% of is matched for the last "permit ip any any" (vs 77%) with previous ACL. 2) Also I noticed that I haven't got "no ip unreachables" on the port so I have enabled that. Since then the "RP PAS Features" punts stopped increasing.... 3) Finally - the CPU load - there is no significant drop of CPU load (no immediate effect). I will monitor the CPU for longer periods to see if there is at least any trend (up, down, no change). (box is pushing 480Mbps/90kps of input traffic #sh ver | in IOS|processo Cisco IOS Software, 7301 Software (C7301-K91P-M), Version 12.2(28)SB6, RELEASE SOFTWARE (fc1) Cisco 7301 (NPE) processor (revision D) with 983040K/65536K bytes of memory.) Seems I need a HW upgrade anyway. Also I will try to upgrade to 12.4.20T but not now. Best Regards, - -- - -mat -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIz7MjIvBv0k5esR4RAkUoAKCVREfOGZZ/tQhLm3jM264kpReHPwCeJLrm 8Le8SjzUB3xNIQnufd7Ycaw= =c2Ct -----END PGP SIGNATURE----- _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/