Cisco 10000-2P2-2DC Software Guide - Page 65
Limitations and Restrictions
View all Cisco 10000-2P2-2DC manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 65 highlights
Chapter 2 Scalability and Performance Limitations and Restrictions the 1-port OC-12 and 8192 VCs per priority level per port for the 4-port OC-3-a total of 16,384 VCs per priority level per port. If the number of VCs you configure exceeds the VC limit, the VCs get stuck in the SAR. Limitations and Restrictions The Cisco 10000 series router has the following limitations and restrictions for scalability and performance: • When Layer 4 Redirect (L4R) service is applied without Port Bundle Host Key (PBHK) service, the translations are all done in the PXF, except for those translations that encounter a collision condition. A collision occurs when a subscriber has two simultaneous TCP connections whose source ports have the same Modulo 64 result. For example, the subscriber has an active TCP connection on source port 1026, and while this connection is still alive the subscriber starts another TCP connection on source port 1090. A collision is created because the Modulo 64 result for both the source ports (1024 and 1090) is 2. In this example, L4R translation for the first traffic stream is done in the PXF and for the second TCP stream the packets are sent to the route processor (RP) where the L4R translation is done. This seperation prevents collisions. • When the PBHK service is applied with L4R service, certain restrictions apply: - When the destination IP in any one of the access control entries of the PBHK ACL matches the redirected server IP address, then both L4R and PBHK translations are done in the RP. - When the destination IP address in the access control entries of the PBHK ACL does not match the redirect server IP address, then L4R translations are done in the PXF, and the packets that match the PBHK ACL are translated in the RP. For configuration examples, see the "Layer 4 Redirect Scaling" section on page 2-5. • Certain restrictions apply on L4R translations for IP subnet sessions. If two subscribers send TCP traffic using the same source port, then L4R translation for the common port is done in the RP. However, if a group of IP subscribers in an IP subnet session send traffic on different source ports then L4R translations for all the subscribers are done in the PXF. • For permanent L4R service, you can scale up to the number of sessions listed in Table 2-3. Scaling beyond these sessions can lead to an increase in CPU usage that is beyond the recommended limits. Table 2-3 Scaling Limit of L4R Sessions Cisco IOS Release 12.2(31)SB 12.2(33)SB PRE2 4000 4000 PRE3 4000 16000 PRE4 - 16000 • You can apply access control lists (ACLs) to virtual access interfaces (VAIs) by configuring them under virtual template interfaces. You can also configure ACLs by using RADIUS attribute 11 or 242. Prior to Cisco IOS Release 12.2(28)SB, when you used attribute 242, a maximum of 30,000 sessions could have ACLs; this restriction was removed in release 12.2(28)SB and subsequent releases. • For PRE2, the Cisco 10000 series router supports mini-ACLs (eight or fewer access control entries) and turbo ACLs (more than eight access control entries) for non-SSG interfaces. The limit for mini-ACLs is 32,000. The limit for turbo ACLs depends on the complexity of the defined ACLs. For PRE3, the Cisco 10000 series router does not use mini-ACLs. OL-2226-23 Cisco 10000 Series Router Software Configuration Guide 2-3