Answer the question
In order to leave comments, you need to log in
A
A
Alexander2014-09-25 17:13:22
Alexander, 2014-09-25 17:13:22
Cisco 2801 limit?
Hello.
There is a Cisco 2801 router that supports IPsec tunnels with branches (3 pcs), and NAT for users. Internet access is configured through Extended ACL. There is very little traffic inside the tunnels (5-10 RDP sessions). 70 megabits come to Cisco.
Problem:
If several users (2-3) simultaneously make video calls via Skype or 1 user starts torrents (for example, download debian :)), then the CPU usage soars to 90-100%, as a result, huge pings even to the internal interface (200-300ms ), but it’s not even worth talking about the Internet (the provider’s gateway is 80% loss and pings under 1500ms).
Due to the fact that more and more people use Skype, a question arose. What to do?
1. Buy a more serious device (for example 3925), did I understand correctly that for2801 is the physical limit?
2. Study the config. shouldn't this be?
3 answer(s)
@avk_vod
@karabanov
P
powersa, 2014-09-26 @avk_vod
by itself, NAT heavily loads + if I understand correctly, then the torrent also flies in the tunnels.
of the options - limit the number of NAT sessions to 1 ip, reduce session timeouts, tweak the torrent client.
monitor - show proc cpu.
ZY
my opinion for 70 Mb only pure NAT+Access list - 2801 is not enough. You would be 29xx.
A
Alexander Karabanov, 2014-09-25 @karabanov
cef enabled?
Is route caching enabled? On my 2800, these caching options are:
Router# ip route-cache ?
cef Enable Cisco Express Forwarding
flow Enable Flow fast-switching cache
policy Enable fast-switching policy cache for outgoing packets
same-interface Enable fast-switching on the same interface
I am using ip route-cache flow
Similar questions
P
V
P
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question