Chapter 2 Scalability And Performance; Limitations And Restrictions - Cisco OL-4387-02 Configuration Manual

Scalability and Performance
The infrastructure of the service provider must be capable of supporting the services the enterprise
customer or Internet service provider (ISP) wants to offer its subscribers. It must also be able to scale to
an expanding subscriber base. You can configure the Cisco 10000 series router for high scalability.

Limitations and Restrictions

The Cisco 10000 series router has the following limitations and restrictions for the SSG:
•
•
•
•
•
•
•
•
•
OL-4387-02
Users can connect to a maximum of seven different services, plus the Open Garden and default
networks (a total of 9) at any one time.
The Cisco 10000 series router supports mini-ACLs and turbo ACLs. Mini-ACLs are limited to eight
or less access control entries (ACEs); turbo ACLs have more than eight ACEs. ACLs can be standard
or extended ACLs. Non-SSG interfaces support both mini-ACLs and turbo ACLs. ACLs defined
through SSG configuration (RADIUS) are restricted to mini-ACLs only. You can apply the same
ACL to multiple hosts and connections.
The SSG QoS features are limited to hierarchical policing and are not based on the modular QoS
CLI (MQC).
You cannot configure routing protocols in SSG VRFs. Therefore, RA-MPLS features are not
supported for SSG hosts.
The Cisco 10000 series router does not support load balancing on SSG uplink interfaces or
redundant uplink interfaces to the same set of services.
The Cisco 10000 series router does not support SSG services on tag interfaces.
If you use the CLI to configure a VRF on an interface and you simultaneously configure the interface
as an SSG uplink interface, the Cisco 10000 series router accepts the configuration but the SSG
uplink configuration takes precedence and the router ignores the VRF configuration.
You cannot configure overlapping IP addresses in the same VRF and you can associate a single
interface with a single VRF. The router makes routing decisions based on the longest match.
The services applied on an IP network or networks must not have conflicting features. For example,
consider the following service definitions for the Best, Good, and Standard services. These service
definitions are in conflict because network A is not policed while network B is policed and also
restricted for some hosts.
Best—Access to network A and access to network B at rate 2
Good—Access to network A and access to network B at rate 1
Standard—Access to network A but no access to network B
Cisco 10000 Series Router Service Selection Gateway Configuration Guide
C H A P T E R
2
2-1