Skip to main content

CBAC concurrent sessions

another trick that I just learned. If you want to limit the number of the concurrent sessions going through the inspect rules you can use:


"RouterXXX(config)#ip inspect hashtable number"



Usage Guidelines

Use the ip inspect hashtable command to increase the size of the hash table when the number of concurrent sessions increases or to reduce the search time for the session. Collisions in a hash table result in poor hash function distribution because many entries are hashed into the same bucket for certain patterns of addresses. Even if a hash function distribution evenly dispenses the input across all of the buckets, a small hash table size will not scale well if there are a large number of sessions. As the number of sessions increase, the collisions increase, which increases the length of the linked lists, thereby, deteriorating the throughput performance.

Labels

Labels:

Popular posts from this blog

IOS on Unix (IOU)

source http://evilrouters.net/2011/01/18/cisco-iou-faq/ What is IOU? From the Cisco Engineering Education web site (a long time ago): IOS on Unix (IOU) is a fully working version of IOS that runs as a user mode UNIX (Solaris) process. IOU is built as a native Solaris image and run just like any other program. IOU supports all platform independent protocols and features. What operating systems does IOU run on? It is my understanding that, initially, IOU was Solaris (SPARC) only. Nowadays, however, there are also builds for OS X and Linux. Similar to dynamips, IOU allows you to build out a network topology on a computer, without the need for physical routers. This is useful for validating designs, proof-of-concept testing, and certification self-study. Is my system compatible with IOU? You will need to be running the operating system that your IOU image were built for, obviously. Other than that, there are no special requirements to run IOU. It is not very CPU- or memory-intensive, unlik...
Read more >>

Impressed with Poly brand for conference headphones

I previously used my Sony XM4 headphones for calls and initially found them versatile for multiple purposes. However, as my meetings extended to several hours, I noticed they became less comfortable. To address this, I upgraded to wireless headphones from Poly, which offer significantly improved comfort. While I don’t plan to use them for music listening, my initial impression is very positive.
Read more >>

Flapping LDP/RSVP on Olive

I had a strange problem where the LDP and RSVP was flapping on JunOS/Olive and I think I managed to fix it by changing the driver from e1000 to i82559er and lo0.0 with 127.0.0.1.  I don't want to spend more time investigating it but if someone have similar problem at least this comment could be a good start. root@jr2>  *** MPLS *** May 21 14:27:21.472443 Session 4.4.4.4 hold timer expired in Operational state May 21 14:27:21.473451 Connection 4.4.4.4 state Open -> Closed May 21 14:27:21.473838 Session 4.4.4.4 GR state Operational -> Nonexistent May 21 14:27:21.473923 Session 4.4.4.4 state Operational -> Closing May 21 14:27:21.474054 LDP session 4.4.4.4 is down, reason: hold time expired May 21 14:27:21.474364 RPD_LDP_SESSIONDOWN: LDP session 4.4.4.4 is down, reason: hold time expired May 21 14:27:21.475567 Session 4.4.4.4 state Closing -> Nonexistent May 21 14:27:21.476180 CHANGE   317024 /52          nhid ...
Read more >>