11.03.2019 19:08, Tony Finch пишет: > Yuri via Unbound-users <[email protected]> wrote: >> For DNS interception (to Unbound, of course) I'm using PBR: >> >> ip access-list extended intercept-ports >> permit udp any any eq domain >> permit tcp any any eq domain >> deny ip any any >> ! >> ! >> route-map redirect_dns permit 30 >> match ip address intercept-ports >> set ip next-hop 192.168.200.3 >> ! >> >> which processes on router CPU and sometimes overload them. > That sounds to me like something that should be solvable with a > configuration fix. Maybe this? > https://community.cisco.com/t5/switching/high-cpu-usage-after-configured-pbr/td-p/2325961
Nop. This is specifix Catalyst 4500 switch solution. But I'm talking about routers. At least, ISRG2 family. > > Tony. -- "C++ seems like a language suitable for firing other people's legs." ***************************** * C++20 : Bug to the future * *****************************
