On Thu, Nov 18, 2010 at 03:18:04PM -0800, Sam Chesluk wrote:
2) While the IPSec portion is hardware accelerated, the GRE
encapsulation is not, unless this is a Cat6500/CISCO7600 router, or
7200VXR with C7200-VSA card. Because of this, the GRE process itself
will consume a fairly large amount
On Thu, Nov 18, 2010 at 02:47:35PM -0800, Seth Mattinen wrote:
The ISR series do have onboard hardware crypto, but I don't know offhand
if it can handle a full DS3 worth.
My first guess is fragment reassembly would probably kill it fast.
We're not seeing fragmentation. The MTU of the
On Thursday 18 November 2010 18:18:04 Sam Chesluk wrote:
There are a couple potential issues, that when looked at in whole, add
up to a significant performance impact.
1) IPSec + GRE involves two forwarding operations, one to send it to the
tunnel interface , and another to send the
We're running GRE/IPSec transport over a point-to-point DS3.
We're also doing some QoS. The traffic mix is voice; our
average packet size can be as low as 250 bytes at times.
We are seeing incredibly high CPU when the traffic levels
approach 30Mb/s and around 11kpps in each direction, at times
This is probably more appropriate for the cisco-nsp list, but what
process is taking up the CPU or is it due to interrupts?
To the best of my knowledge the crypto should be hardware accelerated,
while everything else is going to be done in software on the 3800.
-Pete
On Thu, Nov 18, 2010 at
On 11/18/2010 14:39, Pete Lumbis wrote:
This is probably more appropriate for the cisco-nsp list, but what
process is taking up the CPU or is it due to interrupts?
To the best of my knowledge the crypto should be hardware accelerated,
while everything else is going to be done in software on
...@rollernet.us]
Sent: Thursday, November 18, 2010 3:48 PM
To: nanog@nanog.org
Subject: Re: Cisco GRE/IPSec performance, 3845 ISR/3945 ISR G2
On 11/18/2010 14:39, Pete Lumbis wrote:
This is probably more appropriate for the cisco-nsp list, but what
process is taking up the CPU or is it due
7 matches
Mail list logo