06-27-2017 03:53 AM - edited 03-01-2019 03:07 PM
Hello All,
we are trying to migrate our PPPoE users termination from ASR1k to ASR9k but we have many questions about that and we faced some problems
below is that I have.
2x A9K-RSP440-SE
2x A9K-24X10GE-SE
software version 5.3.4
BNG package and license are installed
Core Issue....
we set the router up and everything looks fine BUT when we put some load real users and having some traffic we notice that the line card CPU is very high relativity to the number of users ( total user was something around 2k ) and if we put something around 15k user with their traffic the line card CPU reaches 100% and the router stop functioning, we face the same issue when we are terminating the users on the line card or on the RSP
BNG Questions....
1- what
2- with LC based there is a restriction of using PQOS, is that lifted with the new version.
3- what is the best and recommended software for BNG deployment
below is a part of the router configuration
pool
address-range 10.5.0.0 10.5.0.254
!
pool
address-range 10.4.0.2 10.4.7.254
!
pool
address-range 10.4.16.2 10.4.23.254
!
pool
address-range 10.4.24.2 10.4.31.254
!
pool
address-range 10.4.8.2 10.4.15.254
!
pool
address-range 10.4.32.2 10.4.39.254
!
ipv4 source-route
dynamic-template
type
service-policy type
keepalive 10 1
service-policy input UPLOAD
accounting aaa list default type session periodic-interval 4
ipv4 unnumbered Loopback1
ipv4 access-group USERS ingress
!
!
ipv4 access-list 50
ipv4 access-list USERS
10 deny tcp 10.0.0.0 0.255.255.255 10.0.0.0 0.255.255.255 eq www
!
ipv4 access-list EXPIRE
10 permit tcp 10.5.0.0 0.0.0.255 any eq www
!
ipv4 access-list ANY_ACL
10 permit ipv4 any any
!
ipv4 access-list
10 permit
!
ipv4 access-list PRIVATE
10 permit ipv4 host 192.168.99.2 any
!
ipv4 access-list BLCK_EXP
5 permit ipv4 any host 192.168.30.25
!
ipv4 access-list SUBS_POOL
10 permit
!
ipv4 access-list CRITICAL_LIST
10 permit
!
ipv4 access-list LOCAL_SERVICE
10 permit ipv4 x.x.x.0 0.0.0.255 any
!
class-map match-any ANY
match access-group ipv4 ANY_ACL
end-class-map
!
class-map match-any CRITICAL
match access-group ipv4 CRITICAL_LIST
end-class-map
!
class-map match-any LOCAL_SERVICE_CLASS
match access-group ipv4 LOCAL_SERVICE
end-class-map
!
class-map type traffic match-any SUBS_HTTP
match access-group ipv4 SUBS_POOL
end-class-map
!
class-map type traffic match-any EXPIRE_CLASS
match access-group ipv4 EXPIRE
end-class-map
!
class-map type traffic match-any PORTIAL_CLASS
match access-group ipv4
end-class-map
!
policy-map Vip
class CRITICAL
priority level 1
!
class LOCAL_SERVICE_CLASS
police rate 40
conform-action transmit
exceed-action drop
!
!
class ANY
police rate 12
conform-action transmit
exceed-action drop
!
!
class class-default
!
end-policy-map
!
policy-map Gold
class CRITICAL
priority level 1
!
class LOCAL_SERVICE_CLASS
police rate 24
conform-action transmit
exceed-action drop
!
!
class ANY
police rate 6
conform-action transmit
exceed-action drop
!
!
class class-default
!
end-policy-map
!
policy-map Bronze
class CRITICAL
priority level 1
!
class LOCAL_SERVICE_CLASS
police rate 8
conform-action transmit
exceed-action drop
!
!
class ANY
police rate 2
conform-action transmit
exceed-action drop
!
!
class class-default
!
end-policy-map
!
policy-map Silver
class CRITICAL
priority level 1
!
class LOCAL_SERVICE_CLASS
police rate 16
conform-action transmit
exceed-action drop
!
!
class ANY
police rate 3
conform-action transmit
exceed-action drop
!
!
class class-default
!
end-policy-map
!
policy-map UPLOAD
class ANY
police rate 100
!
!
class class-default
!
end-policy-map
!
policy-map Platinum
class CRITICAL
priority level 1
!
class LOCAL_SERVICE_CLASS
police rate 32
conform-action transmit
exceed-action drop
!
!
class ANY
police rate 8
conform-action transmit
exceed-action drop
!
!
class class-default
!
end-policy-map
!
policy-map type
class type traffic SUBS_HTTP
transmit
!
class type traffic PORTIAL_CLASS
transmit
!
class type traffic EXPIRE_CLASS
!
class type traffic class-default
!
end-policy-map
!
interface Loopback1
ipv4 address 10.0.0.1 255.0.0.0
interface TenGigE0/1/0/0.11
ipv4 address 192.168.11.2 255.255.255.252
encapsulation dot1q 11
ipv4 access-group BLCK_EXP egress
!
interface TenGigE0/1/0/0.12
description FTTx-HQ
service-policy type control subscriber PPP
encapsulation dot1q 12
!
interface TenGigE0/1/0/0.79
ipv4 address 192.168.30.27 255.255.255.248
encapsulation dot1q 79
!
interface TenGigE0/1/0/0.1199
ipv4 address 172.1.1.1 255.255.255.0
service-policy type control subscriber PPP
encapsulation dot1q 1199
!
interface TenGigE0/1/0/0.2050
service-policy type control subscriber PPP
encapsulation ambiguous dot1q 2050 second-dot1q 2-4094
!
interface TenGigE0/1/0/0.2051
service-policy type control subscriber PPP
encapsulation ambiguous dot1q 2051 second-dot1q 2-4094
!
interface TenGigE0/1/0/0.2060
service-policy type control subscriber PPP
encapsulation dot1q 2060
!
ssh server v2
ssh server
ssh server
aaa accounting service default group radius
aaa accounting subscriber default group radius
aaa authorization subscriber default group radius
aaa authentication subscriber default group radius
subscriber
!
service selection disable
sessions
sessions inner-
sessions outer-
sessions access-interface limit 65535
!
class-map type control subscriber match-any PPP
match protocol
end-class-map
!
!
policy-map type control subscriber PPP
event session-start match-first
class type control subscriber PPP do-until-failure
10 activate dynamic-template DTP
!
!
event session-activate match-first
class type control subscriber PPP do-until-failure
10 authenticate aaa list default
20 authorize aaa list default identifier username password use-from-line
!
!
end-policy-map
!
end
thanks in advance