On 04/30/2012 08:41 AM, Nick Hilliard wrote:
On 30/04/2012 16:30, Mackinnon, Ian wrote:
It says a 2911 will top out at about 180M with no features.
that's the figure for 64 byte packets. For imix the feature-free result
will be quite a chunk higher. But then every feature you add (NAT, policy
routing, full dfz, etc) will cause the performance to drop off significantly.
Dave, can you post your interface configuration?
Nick
Yup, tho I think this is most likely the wrong device for the job. I'd
love to get feedback on what I could do better.
interface GigabitEthernet0/0
ip address xxx.xxx.xxx 255.255.255.252
ip access-group OFFICE_LAN in
no ip unreachables
no ip proxy-arp
ip flow egress
ip nat outside
no ip virtual-reassembly in
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1
no ip address
no ip unreachables
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat inside
no ip virtual-reassembly in
duplex auto
speed auto
no mop enabled
!
interface GigabitEthernet0/1.1
description Old Office Network
encapsulation dot1Q 1 native
ip address 10.0.0.1 255.128.0.0
ip flow ingress
ip nat inside
no ip virtual-reassembly in
ipv6 enable
ipv6 nd ra suppress
ipv6 ospf 15082 area 0
no cdp enable
!
the OFFICE_LAN acl is a 3 line rule to block ssh from all but one
specific external IP.
Dave
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
