Limitations And Restrictions - Cisco 10000-2P2-2DC Software Configuration Manual

10000 series
Table of Contents

Advertisement

Chapter 2
Scalability and Performance
the 1-port OC-12 and 8192 VCs per priority level per port for the 4-port OC-3—a total of 16,384 VCs
per priority level per port. If the number of VCs you configure exceeds the VC limit, the VCs get stuck
in the SAR.

Limitations and Restrictions

The Cisco 10000 series router has the following limitations and restrictions for scalability and
performance:
Table 2-3
Cisco IOS Release
12.2(31)SB
12.2(33)SB
OL-2226-23
When Layer 4 Redirect (L4R) service is applied without Port Bundle Host Key (PBHK) service, the
translations are all done in the PXF, except for those translations that encounter a collision
condition. A collision occurs when a subscriber has two simultaneous TCP connections whose
source ports have the same Modulo 64 result.
For example, the subscriber has an active TCP connection on source port 1026, and while this
connection is still alive the subscriber starts another TCP connection on source port 1090. A
collision is created because the Modulo 64 result for both the source ports (1024 and 1090) is 2. In
this example, L4R translation for the first traffic stream is done in the PXF and for the second TCP
stream the packets are sent to the route processor (RP) where the L4R translation is done. This
seperation prevents collisions.
When the PBHK service is applied with L4R service, certain restrictions apply:
When the destination IP in any one of the access control entries of the PBHK ACL matches the
redirected server IP address, then both L4R and PBHK translations are done in the RP.
When the destination IP address in the access control entries of the PBHK ACL does not match
the redirect server IP address, then L4R translations are done in the PXF, and the packets that
match the PBHK ACL are translated in the RP.
For configuration examples, see the
Certain restrictions apply on L4R translations for IP subnet sessions. If two subscribers send TCP
traffic using the same source port, then L4R translation for the common port is done in the RP.
However, if a group of IP subscribers in an IP subnet session send traffic on different source ports
then L4R translations for all the subscribers are done in the PXF.
For permanent L4R service, you can scale up to the number of sessions listed in
beyond these sessions can lead to an increase in CPU usage that is beyond the recommended limits.
Scaling Limit of L4R Sessions
PRE2
4000
4000
You can apply access control lists (ACLs) to virtual access interfaces (VAIs) by configuring them
under virtual template interfaces. You can also configure ACLs by using RADIUS attribute 11
or 242. Prior to Cisco IOS Release 12.2(28)SB, when you used attribute 242, a maximum of 30,000
sessions could have ACLs; this restriction was removed in release 12.2(28)SB and subsequent
releases.
For PRE2, the Cisco 10000 series router supports mini-ACLs (eight or fewer access control entries)
and turbo ACLs (more than eight access control entries) for non-SSG interfaces. The limit for
mini-ACLs is 32,000. The limit for turbo ACLs depends on the complexity of the defined ACLs. For
PRE3, the Cisco 10000 series router does not use mini-ACLs.
"Layer 4 Redirect Scaling" section on page
PRE3
4000
16000
Cisco 10000 Series Router Software Configuration Guide

Limitations and Restrictions

2-5.
Table
2-3. Scaling
PRE4
16000
2-3

Advertisement

Table of Contents
loading

This manual is also suitable for:

1000510008

Table of Contents