Yuri via Unbound-users <[email protected]> wrote: > > For DNS interception (to Unbound, of course) I'm using PBR: > > ip access-list extended intercept-ports > permit udp any any eq domain > permit tcp any any eq domain > deny ip any any > ! > ! > route-map redirect_dns permit 30 > match ip address intercept-ports > set ip next-hop 192.168.200.3 > ! > > which processes on router CPU and sometimes overload them.
That sounds to me like something that should be solvable with a configuration fix. Maybe this? https://community.cisco.com/t5/switching/high-cpu-usage-after-configured-pbr/td-p/2325961 Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ Sole, Lundy, Fastnet: Southwest veering west later, 6 to gale 8, occasionally severe gale 9. Very rough, occasionally high. Occasional rain. Good occasionally poor.
