Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1344
Views
0
Helpful
1
Replies

our cisco 7206G2 BRAS have High CPU usage!!

traderose11
Level 1
Level 1

‎11-05-2012 09:00 AM - edited ‎03-07-2019 09:52 AM

Hi All,

i have high cpu utalization 70%  usage with my BRAS 7206 while the online PPPoVPDN customers not more than 1200 online concurrent sessions

i revised the configuration but i coudn't found the cause of problem.

i monitord that when i tried to traceroute from ADSL client router any of the servers  ip address behind servers network , it seems the packet go out through DEFAULT-ROUTE route map which results the following:

C:\Users\jit>tracert x.x.176.194

Tracing route to proxy.ctx.com [x.x.176.194]

over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  x.x.178.129

  2     3 ms    <1 ms    <1 ms  x.x.176.1

  3    <1 ms    <1 ms    <1 ms  z.z.66.129

  4    <1 ms    <1 ms    <1 ms  z.z.244.66.130

  5    <1 ms    <1 ms    <1 ms  pr.ctx.com [x.x.176.194]

Trace complete.

while the packet should go direct as the following:

C:\Users\jit>tracert x.x.176.194

Tracing route to pr.ctx.com [x.x.176.194]

over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  x.x.178.129

  2    13 ms    31 ms    31 ms  x.x.176.1

  3    <1 ms    <1 ms    <1 ms  pr.ctx.com [x.x.176.194]

Trace complete.

also i have heavy logs on console as the following:

e Virtual-Access646, changed state to down

1527210: Nov  5 08:25:03.825 GMT: %LINK-3-UPDOWN: Interface Virtual-Access646, c

hanged state to down

1527211: Nov  5 08:25:04.357 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access873, changed state to down

1527212: Nov  5 08:25:04.357 GMT: %LINK-3-UPDOWN: Interface Virtual-Access873, c

hanged state to down

1527213: Nov  5 08:25:05.701 GMT: %LINK-3-UPDOWN: Interface Virtual-Access1090,

changed state to up

1527214: Nov  5 08:25:05.705 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access1090, changed state to up

1527215: Nov  5 08:25:06.317 GMT: %SYS-5-PRIV_AUTH_PASS: Privilege level set to

15 by citynet on vty3 (31.223.180.2)

1527216: Nov  5 08:25:07.645 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access859, changed state to down

1527217: Nov  5 08:25:07.649 GMT: %LINK-3-UPDOWN: Interface Virtual-Access859, c

hanged state to down

1527218: Nov  5 08:25:09.005 GMT: %SYS-5-PRIV_AUTH_PASS: Privilege level set to

15 by citynet on vty2 (31.223.180.2)

1527219: Nov  5 08:25:09.485 GMT: %LINK-3-UPDOWN: Interface Virtual-Access1059,

changed state to up

1527220: Nov  5 08:25:09.489 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access1059, changed state to up

1527221: Nov  5 08:25:09.749 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access149, changed state to down

1527222: Nov  5 08:25:09.749 GMT: %LINK-3-UPDOWN: Interface Virtual-Access149, c

hanged state to down

1527223: Nov  5 08:25:11.269 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access494, changed state to down

1527224: Nov  5 08:25:11.269 GMT: %LINK-3-UPDOWN: Interface Virtual-Access494, c

hanged state to down

1527225: Nov  5 08:25:12.273 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access112, changed state to down

1527226: Nov  5 08:25:12.273 GMT: %LINK-3-UPDOWN: Interface Virtual-Access112, c

hanged state to down

1527227: Nov  5 08:25:12.309 GMT: %SYS-5-PRIV_AUTH_PASS: Privilege level set to

15 by citynet on vty2 (31.223.180.2)

1527228: Nov  5 08:25:13.029 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access869, changed state to down

1527229: Nov  5 08:25:13.029 GMT: %LINK-3-UPDOWN: Interface Virtual-Access869, c

hanged state to down

1527230: Nov  5 08:25:14.477 GMT: %LINK-3-UPDOWN: Interface Virtual-Access1201,

changed state to up

1527231: Nov  5 08:25:14.481 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access1201, changed state to up

1527232: Nov  5 08:25:14.733 GMT: %LINK-3-UPDOWN: Interface Virtual-Access946, c

hanged state to up

1527233: Nov  5 08:25:14.737 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access946, changed state to up

1527234: Nov  5 08:25:14.821 GMT: %LINK-3-UPDOWN: Interface Virtual-Access734, c

hanged state to up

1527235: Nov  5 08:25:14.825 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access734, changed state to up

1527236: Nov  5 08:25:14.973 GMT: %LINK-3-UPDOWN: Interface Virtual-Access97, ch

anged state to down

1527237: Nov  5 08:25:14.977 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access97, changed state to down

1527238: Nov  5 08:25:15.009 GMT: %SYS-5-PRIV_AUTH_PASS: Privilege level set to

15 by citynet on vty3 (31.223.180.2)

1527239: Nov  5 08:25:15.773 GMT: %LINK-3-UPDOWN: Interface Virtual-Access928, c

hanged state to up

1527240: Nov  5 08:25:15.777 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access928, changed state to up

1527241: Nov  5 08:25:17.921 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access698, changed state to down

1527242: Nov  5 08:25:17.925 GMT: %LINK-3-UPDOWN: Interface Virtual-Access698, c

hanged state to down

1527243: Nov  5 08:25:18.013 GMT: %SYS-5-PRIV_AUTH_PASS: Privilege level set to

15 by citynet on vty2 (31.223.180.2)

1527244: Nov  5 08:25:19.713 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access133, changed state to down

1527245: Nov  5 08:25:19.713 GMT: %LINK-3-UPDOWN: Interface Virtual-Access133, c

hanged state to down

1527246: Nov  5 08:25:19.873 GMT: %LINK-3-UPDOWN: Interface Virtual-Access696, c

hanged state to up

1527247: Nov  5 08:25:19.877 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access696, changed state to up

1527248: Nov  5 08:25:21.397 GMT: %SYS-5-PRIV_AUTH_PASS: Privilege level set to

15 by citynet on vty3 (31.223.180.2)

1527249: Nov  5 08:25:22.033 GMT: %LINK-3-UPDOWN: Interface Virtual-Access182, c

hanged state to up

1527250: Nov  5 08:25:22.037 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access182, changed state to up

1527251: Nov  5 08:25:22.273 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access718, changed state to down

1527252: Nov  5 08:25:22.273 GMT: %LINK-3-UPDOWN: Interface Virtual-Access718, c

hanged state to down

1527253: Nov  5 08:25:23.693 GMT: %LINK-3-UPDOWN: Interface Virtual-Access304, c

hanged state to up

1527254: Nov  5 08:25:23.697 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access304, changed state to up

1527255: Nov  5 08:25:23.841 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access1203, changed state to down

1527256: Nov  5 08:25:23.841 GMT: %LINK-3-UPDOWN: Interface Virtual-Access1203,

changed state to down

1527257: Nov  5 08:25:23.849 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access533, changed state to down

1527258: Nov  5 08:25:23.849 GMT: %LINK-3-UPDOWN: Interface Virtual-Access533, c

hanged state to down

1527259: Nov  5 08:25:23.849 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access403, changed state to down

1527260: Nov  5 08:25:23.849 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access1018, changed state to down

1527261: Nov  5 08:25:23.865 GMT: %LINK-3-UPDOWN: Interface Virtual-Access403, c

hanged state to down

1527262: Nov  5 08:25:23.865 GMT: %LINK-3-UPDOWN: Interface Virtual-Access1018,

changed state to down

1527263: Nov  5 08:25:23.869 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access212, changed state to down

1527264: Nov  5 08:25:23.869 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access674, changed state to down

1527265: Nov  5 08:25:23.869 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access76, changed state to down

1527266: Nov  5 08:25:23.869 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access389, changed state to down

1527267: Nov  5 08:25:23.869 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access1083, changed state to down

1527268: Nov  5 08:25:23.869 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access202, changed state to down

1527269: Nov  5 08:25:23.869 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access253, changed state to down

1527270: Nov  5 08:25:23.869 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access162, changed state to down

1527271: Nov  5 08:25:23.869 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access66, changed state to down

1527272: Nov  5 08:25:23.893 GMT: %LINK-3-UPDOWN: Interface Virtual-Access212, c

hanged state to down

1527273: Nov  5 08:25:23.897 GMT: %LINK-3-UPDOWN: Interface Virtual-Access674, c

hanged state to down

1527274: Nov  5 08:25:23.897 GMT: %LINK-3-UPDOWN: Interface Virtual-Access76, ch

anged state to down

1527275: Nov  5 08:25:23.897 GMT: %LINK-3-UPDOWN: Interface Virtual-Access389, c

hanged state to down

1527276: Nov  5 08:25:23.897 GMT: %LINK-3-UPDOWN: Interface Virtual-Access1083,

changed state to down

1527277: Nov  5 08:25:23.897 GMT: %LINK-3-UPDOWN: Interface Virtual-Access202, c

hanged state to down

1527278: Nov  5 08:25:23.897 GMT: %LINK-3-UPDOWN: Interface Virtual-Access253, c

hanged state to down

1527279: Nov  5 08:25:23.897 GMT: %LINK-3-UPDOWN: Interface Virtual-Access162, c

hanged state to down

1527280: Nov  5 08:25:23.897 GMT: %LINK-3-UPDOWN: Interface Virtual-Access66, ch

anged state to down

1527281: Nov  5 08:25:23.921 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access722, changed state to down

1527282: Nov  5 08:25:23.921 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access685, changed state to down

1527283: Nov  5 08:25:23.921 GMT: %LINK-3-UPDOWN: Interface Virtual-Access722, c

hanged state to down

1527284: Nov  5 08:25:23.929 GMT: %LINK-3-UPDOWN: Interface Virtual-Access685, c

hanged state to down

1527285: Nov  5 08:25:24.017 GMT: %SYS-5-PRIV_AUTH_PASS: Privilege level set to

15 by citynet on vty2 (31.223.180.2)

1527286: Nov  5 08:25:24.481 GMT: %LINK-3-UPDOWN: Interface Virtual-Access845, c

hanged state to up

1527287: Nov  5 08:25:24.485 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access845, changed state to up

1527288: Nov  5 08:25:25.445 GMT: %LINK-3-UPDOWN: Interface Virtual-Access437, c

hanged state to up

1527289: Nov  5 08:25:25.449 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access437, changed state to up

1527290: Nov  5 08:25:25.641 GMT: %LINK-3-UPDOWN: Interface Virtual-Access169, c

hanged state to up

1527291: Nov  5 08:25:25.645 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access169, changed state to up

1527292: Nov  5 08:25:25.693 GMT: %LINK-3-UPDOWN: Interface Virtual-Access90, ch

anged state to up

1527293: Nov  5 08:25:25.697 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access90, changed state to up

1527294: Nov  5 08:25:26.565 GMT: %LINK-3-UPDOWN: Interface Virtual-Access572, c

hanged state to up

1527295: Nov  5 08:25:26.569 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access572, changed state to up

1527296: Nov  5 08:25:26.729 GMT: %LINK-3-UPDOWN: Interface Virtual-Access912, c

hanged state to up

1527297: Nov  5 08:25:26.733 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access912, changed state to up

1527298: Nov  5 08:25:26.753 GMT: %LINK-3-UPDOWN: Interface Virtual-Access826, c

hanged state to up

1527299: Nov  5 08:25:26.757 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access826, changed state to up

1527300: Nov  5 08:25:26.777 GMT: %LINK-3-UPDOWN: Interface Virtual-Access714, c

hanged state to down

1527301: Nov  5 08:25:26.781 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access714, changed state to down

1527302: Nov  5 08:25:27.021 GMT: %LINK-3-UPDOWN: Interface Virtual-Access1011,

changed state to up

1527303: Nov  5 08:25:27.025 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access1011, changed state to up

1527304: Nov  5 08:25:27.245 GMT: %LINK-3-UPDOWN: Interface Virtual-Access622, c

hanged state to up

1527305: Nov  5 08:25:27.249 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access622, changed state to up

1527306: Nov  5 08:25:27.317 GMT: %LINK-3-UPDOWN: Interface Virtual-Access904, c

hanged state to up

1527307: Nov  5 08:25:27.321 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access904, changed state to up

1527308: Nov  5 08:25:27.345 GMT: %LINK-3-UPDOWN: Interface Virtual-Access675, c

hanged state to up

1527309: Nov  5 08:25:27.349 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access675, changed state to up

1527310: Nov  5 08:25:27.381 GMT: %LINK-3-UPDOWN: Interface Virtual-Access901, c

hanged state to up

1527311: Nov  5 08:25:27.385 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access901, changed state to up

1527312: Nov  5 08:25:27.385 GMT: %SYS-5-PRIV_AUTH_PASS: Privilege level set to

15 by citynet on vty3 (31.223.180.2)

1527313: Nov  5 08:25:27.541 GMT: %LINK-3-UPDOWN: Interface Virtual-Access1049,

changed state to up

1527314: Nov  5 08:25:27.545 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access1049, changed state to up

1527315: Nov  5 08:25:27.789 GMT: %LINK-3-UPDOWN: Interface Virtual-Access293, c

hanged state to up

1527316: Nov  5 08:25:27.793 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access293, changed state to up

1527317: Nov  5 08:25:28.401 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access848, changed state to down

1527318: Nov  5 08:25:28.405 GMT: %LINK-3-UPDOWN: Interface Virtual-Access848, c

hanged state to down

1527319: Nov  5 08:25:30.021 GMT: %SYS-5-PRIV_AUTH_PASS: Privilege level set to

15 by citynet on vty2 (31.223.180.2)

1527320: Nov  5 08:25:30.217 GMT: %LINK-3-UPDOWN: Interface Virtual-Access306, c

hanged state to up

1527321: Nov  5 08:25:30.221 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access306, changed state to up

1527322: Nov  5 08:25:30.741 GMT: %LINK-3-UPDOWN: Interface Virtual-Access991, c

hanged state to up

CN_LNS_G1#

1527323: Nov  5 08:25:30.749 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access991, changed state to up

1527324: Nov  5 08:25:33.021 GMT: %SYS-5-PRIV_AUTH_PASS: Privilege level set to

15 by citynet on vty3 (31.223.180.2)

1527325: Nov  5 08:25:34.569 GMT: %LINK-3-UPDOWN: Interface Virtual-Access221, c

hanged state to down

1527326: Nov  5 08:25:34.573 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access221, changed state to down

1527327: Nov  5 08:25:35.005 GMT: %LINK-3-UPDOWN: Interface Virtual-Access33, ch

anged state to up

1527328: Nov  5 08:25:35.009 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access33, changed state to up

1527329: Nov  5 08:25:35.293 GMT: %LINK-3-UPDOWN: Interface Virtual-Access840, c

hanged state to up

1527330: Nov  5 08:25:35.297 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access840, changed state to up

1527331: Nov  5 08:25:36.297 GMT: %SYS-5-PRIV_AUTH_PASS: Privilege level set to

15 by citynet on vty2 (31.223.180.2)

1527332: Nov  5 08:25:36.833 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access52, changed state to down

1527333: Nov  5 08:25:36.833 GMT: %LINK-3-UPDOWN: Interface Virtual-Access52, ch

anged state to down

1527334: Nov  5 08:25:37.273 GMT: %LINK-3-UPDOWN: Interface Virtual-Access868, c

hanged state to up

1527335: Nov  5 08:25:37.277 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access868, changed state to up

1527336: Nov  5 08:25:38.657 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access26, changed state to down

1527337: Nov  5 08:25:38.661 GMT: %LINK-3-UPDOWN: Interface Virtual-Access26, ch

anged state to down

1527338: Nov  5 08:25:39.029 GMT: %SYS-5-PRIV_AUTH_PASS: Privilege level set to

15 by citynet on vty3 (31.223.180.2)

1527339: Nov  5 08:25:40.089 GMT: %LINK-3-UPDOWN: Interface Virtual-Access142, c

hanged state to up

1527340: Nov  5 08:25:40.093 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access142, changed state to up

1527341: Nov  5 08:25:40.185 GMT: %LINK-3-UPDOWN: Interface Virtual-Access500, c

hanged state to up

1527342: Nov  5 08:25:40.189 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access500, changed state to up

1527343: Nov  5 08:25:41.453 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access83, changed state to down

1527344: Nov  5 08:25:41.453 GMT: %LINK-3-UPDOWN: Interface Virtual-Access83, ch

anged state to down

1527345: Nov  5 08:25:41.589 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access273, changed state to down

1527346: Nov  5 08:25:41.593 GMT: %LINK-3-UPDOWN: Interface Virtual-Access273, c

hanged state to down

1527347: Nov  5 08:25:41.661 GMT: %LINK-3-UPDOWN: Interface Virtual-Access832, c

hanged state to up

1527348: Nov  5 08:25:41.665 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access832, changed state to up

1527349: Nov  5 08:25:41.697 GMT: %LINK-3-UPDOWN: Interface Virtual-Access485, c

hanged state to up

1527350: Nov  5 08:25:41.701 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access485, changed state to up

1527351: Nov  5 08:25:42.285 GMT: %LINK-3-UPDOWN: Interface Virtual-Access788, c

hanged state to up

1527352: Nov  5 08:25:42.289 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access788, changed state to up

1527353: Nov  5 08:25:42.577 GMT: %SYS-5-PRIV_AUTH_PASS: Privilege level set to

15 by citynet on vty2 (31.223.180.2)

1527354: Nov  5 08:25:42.889 GMT: %LINK-3-UPDOWN: Interface Virtual-Access487, c

hanged state to up

1527355: Nov  5 08:25:42.893 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access487, changed state to up

1527356: Nov  5 08:25:42.993 GMT: %LINEPROTO-5-UPDOWN: Line protocol on Interfac

e Virtual-Access465, changed state to down

1527357: Nov  5 08:25:42.993 GMT: %LINK-3-UPDOWN: Interface Virtual-Access465, c

hanged state to down

1527358: Nov  5 08:25:43.209 GMT: %LINK-3-UPDOWN: Interface Virtual-Access843, c

hanged state to down

----->

here is the configuration :

upgrade fpd auto

version 15.0

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

service sequence-numbers

!

hostname CTX_LNS_G1

!

boot-start-marker

boot system flash disk2:c7200p-advipservicesk9-mz.150-1.M3.bin

boot-end-marker

!

security authentication failure rate 10 log

security passwords min-length 6

logging userinfo

logging buffered 1x072

logging reload alerts

no logging console

enable password 7 xxxxxxx

!

aaa new-model

!

!

aaa group server radius CTX

server-private x.x.x.x auth-port 1812 acct-port 1813 key 7 xxxxxx

!

aaa authentication login default local

aaa authentication login userauthen local

aaa authentication ppp USERS group CTX

aaa authorization console

aaa authorization network USERS group CTX

aaa accounting delay-start

aaa accounting update newinfo periodic 60

aaa accounting network USERS

action-type start-stop

group CTX

!

aaa accounting resource USERS

action-type start-stop

group CTX

!

aaa dnis map enable

!

!

!

!

aaa server radius dynamic-author

client x.x.176.1 server-key 7 xxxxx

auth-type all

ignore session-key

ignore server-key

!

aaa session-id common

no ppp hold-queue

!

!

!

clock timezone GMT 2

clock summer-time CST recurring

clock calendar-valid

no ip source-route

no ip gratuitous-arps

ip cef

!

!

!

!

no ip bootp server

no ip domain lookup

ip domain name xxxx

ip name-server x.x.x.x

ip wccp 80 redirect-list cachebox80 password 7 ********

ip wccp 90 redirect-list cachebox90 password 7 ********

login block-for 200 attempts 3 within 180

no ipv6 cef

!

multilink bundle-name authenticated

vpdn enable

no vpdn ip udp ignore checksum

vpdn domain-delimiter @ suffix

!

vpdn-group BSA

! Default L2TP VPDN group

! Default PPTP VPDN group

accept-dialin

  protocol any

  virtual-template 2

lcp renegotiation on-mismatch

l2tp tunnel password 7 ****************

relay pppoe bba-group CTX

!

!

username ****** privilege 15 password 7 *********

!

redundancy

!

!

!

ip tcp synwait-time 10

ip ssh time-out 60

ip ssh authentication-retries 2

!

track 1 ip sla 1 reachability

delay down 30

!

track 2 ip sla 2 reachability

delay down 30

!

class-map match-all ICMP

match protocol icmp

class-map match-any bittorrent

match access-group name utorrent

match protocol bittorrent

class-map match-any WebEmail

match protocol http

match protocol secure-http

match protocol ftp

match protocol smtp

match protocol pop3

match protocol dns

class-map match-any VoIP

match protocol rtp

match protocol skype

match protocol rtcp

match protocol sip

class-map match-any 512-1M-home

match access-group name half-one-mega-home

class-map match-any Bussiness

match access-group name Bussiness

class-map match-any 4M-home

match access-group name four-mega-home

class-map match-any 2M-home

match access-group name two-mega-home

class-map match-any counterstrike

match access-group name counterstrike

class-map match-any overlimit

match access-group name overlimit

!

!

policy-map ICMP

class ICMP

    priority 1024

    police 1024000

policy-map 5M-limit

class overlimit

   police cir 46000000

     conform-action transmit

     exceed-action drop

class class-default

policy-map qos-policy

class VoIP

    priority percent 10

  set dscp ef

class WebEmail

    bandwidth remaining percent 70

class counterstrike

    bandwidth remaining percent 15

class overlimit

class class-default

    fair-queue

policy-map input_qos

class bittorrent

   police cir 10000 bc 5000 be 5000

     conform-action transmit

     exceed-action drop

policy-map traffic-shaper

class Bussiness

   police cir 4000000

     conform-action transmit

     exceed-action drop

class 512-1M-home

   police cir 27000000

     conform-action transmit

     exceed-action drop

class 2M-home

   police cir 10000000

     conform-action transmit

     exceed-action drop

class 4M-home

   police cir 4000000

     conform-action transmit

     exceed-action drop

!

!

!

!

!

!

!

!

bba-group pppoe CTX

virtual-template 2

service profile CTX

!

!

interface Loopback0

ip address x.x.177.6 255.255.255.252

ip virtual-reassembly

!

!

interface Loopback1

ip address x.x.177.12 255.255.255.255

ip virtual-reassembly

ip policy route-map DEFAULT-ROUTE

!

!

interface Null0

no ip unreachables

!

interface GigabitEthernet0/1

description DMZ

no ip address

ip virtual-reassembly

load-interval 30

duplex full

speed auto

media-type rj45

negotiation auto

no mop enabled

!

hold-queue 4096 in

hold-queue 4096 out

!

interface GigabitEthernet0/1.995

encapsulation dot1Q 995

ip address x.x.176.189 255.255.255.252

!

interface GigabitEthernet0/1.1000

description Wireless+servers-network

encapsulation dot1Q 1000

ip address x.x.179.17 255.255.255.248 secondary

ip address x.x.178.1 255.255.255.252 secondary

ip address x.x.176.5 255.255.255.252 secondary

ip address x.x.176.1 255.255.255.252

ip policy route-map DEFAULT-ROUTE

!

interface GigabitEthernet0/1.2100

description CACHE

encapsulation dot1Q 2100

ip address x.x.176.193 255.255.255.252

ip wccp redirect exclude in

!

interface FastEthernet0/2

ip address x.x.176.197 255.255.255.252

no ip unreachables

ip virtual-reassembly

load-interval 30

duplex full

speed 100

!

!

interface GigabitEthernet0/2

description ADSL-BACKHUAL

ip address y.y.90.10 255.255.255.252

ip virtual-reassembly

ip policy route-map DEFAULT-ROUTE

load-interval 30

duplex full

speed 1000

media-type sfp

negotiation auto

keepalive 60

no mop enabled

!

hold-queue 4096 in

hold-queue 4096 out

!

interface GigabitEthernet0/3

no ip address

ip virtual-reassembly

load-interval 30

duplex full

speed 1000

media-type rj45

negotiation auto

no mop enabled

!

hold-queue 4096 in

hold-queue 4096 out

!

interface GigabitEthernet0/3.2

description ISPA

encapsulation dot1Q 999

ip address z.z.66.130 255.255.255.252

ip wccp 80 redirect out

ip wccp 90 redirect in

!

interface GigabitEthernet0/3.855

description ISPB

encapsulation dot1Q 855

ip address w.w.172.250 255.255.255.248

ip wccp 80 redirect out

ip wccp 90 redirect in

no cdp enable

!

interface Virtual-Template2

ip unnumbered Loopback1

no ip unreachables

ip verify unicast reverse-path

ip virtual-reassembly

ip policy route-map DEFAULT-ROUTE

ip tcp adjust-mss 1360

load-interval 30

peer default ip address pool BSA

keepalive 60

ppp encrypt mppe 128

ppp authentication ms-chap ms-chap-v2 pap chap callin USERS

ppp authorization USERS

ppp accounting USERS

ppp ipcp dns x.x.x.x

ppp ipcp wins reject

ppp timeout retry 15

ppp timeout authentication 15

ppp timeout idle 300

!

!

router bgp xxx

bgp router-id x.x.176.1

no bgp log-neighbor-changes

neighbor 10.20.172.249 remote-as www

neighbor 10.20.172.249 update-source GigabitEthernet0/3.855

neighbor 213.244.66.129 remote-as zzz

neighbor 213.244.66.129 password 7 *************

neighbor 213.244.66.129 update-source GigabitEthernet0/3.2

!

address-family ipv4

  no synchronization

  network x.x.176.0 mask 255.255.255.0

  network x.x.177.0 mask 255.255.255.0

  network x.x.178.0 mask 255.255.255.0

  network x.x.179.0 mask 255.255.255.0

  network x.x.180.0 mask 255.255.255.0

  network x.x.181.0 mask 255.255.255.0

  network x.x.182.0 mask 255.255.255.0

  network x.x.183.0 mask 255.255.255.0

  network x.x.184.0 mask 255.255.255.0

  network x.x.185.0 mask 255.255.255.0

  network x.x.186.0 mask 255.255.254.0

  network x.x.188.0 mask 255.255.254.0

  network x.x.190.0 mask 255.255.254.0

  neighbor w.w.172.249 activate

  neighbor w.w.172.249 weight 120

  neighbor w.w.172.249 route-map B_LINE out

  neighbor z.z.66.129 activate

  neighbor z.z.66.129 weight 220

  neighbor z.z.66.129 route-map ISPA in

  neighbor z.z.66.129 route-map A_LINE out

  maximum-paths 3

  no auto-summary

exit-address-family

!

ip local pool BSA x.x.185.1 x.x.191.254

ip local pool BSA x.x.183.1 x.x.184.239

ip forward-protocol nd

no ip http server

ip http access-class 1

ip http authentication local

no ip http secure-server

!

!

ip route 10.100.100.0 255.255.255.0 x.x.176.6

ip route x.x.176.0 255.255.255.0 Null0

ip route x.x.176.8 255.255.255.252 x.x.178.2

ip route x.x.176.16 255.255.255.240 x.x.184.240

ip route x.x.176.32 255.255.255.252 x.x.178.2

ip route x.x.176.36 255.255.255.252 x.x.178.2

ip route x.x.176.40 255.255.255.252 x.x.178.2

ip route x.x.176.64 255.255.255.252 x.x.178.2

ip route x.x.176.68 255.255.255.252 x.x.178.2

ip route x.x.176.96 255.255.255.240 x.x.178.2

ip route x.x.176.112 255.255.255.240 x.x.178.2

ip route x.x.176.128 255.255.255.252 x.x.178.2

ip route x.x.176.132 255.255.255.252 x.x.178.2

ip route x.x.176.152 255.255.255.252 x.x.178.2

ip route x.x.176.160 255.255.255.224 x.x.178.2

ip route x.x.177.0 255.255.255.0 Null0

ip route x.x.177.0 255.255.255.252 x.x.179.18

ip route x.x.177.64 255.255.255.248 x.x.176.2

ip route x.x.178.0 255.255.255.0 Null0

ip route x.x.178.64 255.255.255.248 x.x.176.6

ip route x.x.178.120 255.255.255.248 x.x.178.2

ip route x.x.178.128 255.255.255.240 x.x.178.2

ip route x.x.178.144 255.255.255.248 x.x.178.2

ip route x.x.178.160 255.255.255.240 x.x.184.246

ip route x.x.178.176 255.255.255.248 x.x.184.249

ip route x.x.179.0 255.255.255.0 Null0

ip route x.x.179.0 255.255.255.248 x.x.178.2

ip route x.x.179.8 255.255.255.252 x.x.178.2

ip route x.x.179.12 255.255.255.252 x.x.178.2

ip route x.x.179.32 255.255.255.252 x.x.178.2

ip route x.x.179.36 255.255.255.252 x.x.178.2

ip route x.x.179.40 255.255.255.252 x.x.178.2

ip route x.x.179.44 255.255.255.252 x.x.178.2

ip route x.x.179.48 255.255.255.252 x.x.178.2

ip route x.x.179.52 255.255.255.252 x.x.178.2

ip route x.x.179.56 255.255.255.252 x.x.178.2

ip route x.x.179.60 255.255.255.252 x.x.178.2

ip route x.x.179.64 255.255.255.248 x.x.178.2

ip route x.x.180.0 255.255.255.0 Null0

ip route x.x.180.0 255.255.255.248 x.x.176.6

ip route x.x.180.8 255.255.255.248 x.x.176.6

ip route x.x.180.32 255.255.255.240 x.x.176.2

ip route x.x.180.48 255.255.255.248 x.x.178.2

ip route x.x.181.0 255.255.255.0 Null0

ip route x.x.182.0 255.255.255.0 Null0

ip route x.x.183.0 255.255.255.0 Null0

ip route x.x.184.0 255.255.255.0 Null0

ip route x.x.185.0 255.255.255.0 Null0

ip route x.x.186.0 255.255.254.0 Null0

ip route x.x.188.0 255.255.254.0 Null0

ip route x.x.190.0 255.255.254.0 Null0

ip route z.z.68.0 255.255.255.0 y.y.90.9

ip route z.z.96.0 255.255.255.0 y.y.90.9

!

ip access-list extended cache80

deny   tcp host x.x.176.194 any eq www

deny   ip any x.x.176.0 0.0.0.255

deny   ip any x.x.178.0 0.0.0.255

deny   ip any x.x.179.0 0.0.0.255

deny   ip any x.x.180.0 0.0.0.255

deny   ip any x.x.181.0 0.0.0.255

deny   ip any x.x.182.0 0.0.0.255

deny   ip any x.x.183.0 0.0.0.255

deny   ip any x.x.184.0 0.0.0.255

deny   ip any x.x.185.0 0.0.0.255

deny   ip any x.x.186.0 0.0.0.255

deny   ip any x.x.188.0 0.0.0.255

deny   ip any x.x.190.0 0.0.0.255

permit tcp x.x.178.0 0.0.0.255 any eq www

permit tcp x.x.181.0 0.0.0.255 any eq www

permit tcp x.x.182.0 0.0.0.255 any eq www

permit tcp x.x.183.0 0.0.0.255 any eq www

permit tcp x.x.184.0 0.0.0.255 any eq www

permit tcp x.x.185.0 0.0.0.255 any eq www

permit tcp x.x.186.0 0.0.1.255 any eq www

permit tcp x.x.188.0 0.0.1.255 any eq www

permit tcp x.x.190.0 0.0.1.255 any eq www

ip access-list extended cache90

deny   ip x.x.176.0 0.0.0.255 any

deny   ip x.x.178.0 0.0.0.255 any

deny   ip x.x.179.0 0.0.0.255 any

deny   ip x.x.180.0 0.0.0.255 any

deny   ip x.x.181.0 0.0.0.255 any

deny   ip x.x.182.0 0.0.0.255 any

deny   ip x.x.183.0 0.0.0.255 any

deny   ip x.x.184.0 0.0.0.255 any

deny   ip x.x.185.0 0.0.0.255 any

deny   ip x.x.186.0 0.0.0.255 any

deny   ip x.x.188.0 0.0.0.255 any

deny   ip x.x.190.0 0.0.0.255 any

permit tcp any x.x.178.0 0.0.0.255

permit tcp any x.x.181.0 0.0.0.255

permit tcp any x.x.182.0 0.0.0.255

permit tcp any x.x.183.0 0.0.0.255

permit tcp any x.x.184.0 0.0.0.255

permit tcp any x.x.185.0 0.0.0.255

permit tcp any x.x.186.0 0.0.1.255

permit tcp any x.x.188.0 0.0.1.255

permit tcp any x.x.190.0 0.0.1.255

ip access-list extended four-mega-home

permit ip any x.x.183.0 0.0.0.127

ip access-list extended half-one-mega-home

permit ip any x.x.181.0 0.0.0.255

permit ip any x.x.182.0 0.0.0.255

ip access-list extended overlimit

permit ip any x.x.184.0 0.0.0.255

permit ip any x.x.183.0 0.0.0.255

permit ip any x.x.182.0 0.0.0.255

permit ip any x.x.181.0 0.0.0.255

ip access-list extended two-mega-home

permit ip any x.x.184.0 0.0.0.255

!

ip sla 1

icmp-echo 8.8.8.8 source-ip z.z.66.130

threshold 2000

tag A LINE 175Mb

frequency 5

ip sla schedule 1 life forever start-time now

ip sla 2

icmp-echo 194.90.1.5 source-ip w.w.172.250

threshold 2000

tag B LINE 50Mb

frequency 5

ip sla schedule 2 life forever start-time now

no logging trap

access-list 1 remark Auto generated by SDM Management Access feature

access-list 1 remark CCP_ACL Category=1

access-list 1 permit x.x.178.150

access-list 1 permit x.x.178.140

access-list 10 permit x.x.178.0 0.0.0.255

access-list 10 permit x.x.179.0 0.0.0.255

access-list 10 permit x.x.181.0 0.0.0.255

access-list 10 permit x.x.182.0 0.0.0.255

access-list 10 permit x.x.183.0 0.0.0.255

access-list 10 permit x.x.184.0 0.0.0.255

access-list 10 permit x.x.185.0 0.0.0.255

access-list 10 permit x.x.186.0 0.0.1.255

access-list 10 permit x.x.188.0 0.0.1.255

access-list 10 permit x.x.190.0 0.0.1.255

access-list 30 permit x.x.176.0 0.0.0.255

access-list 30 permit x.x.177.0 0.0.0.255

access-list 30 permit x.x.180.0 0.0.0.255

access-list 100 permit tcp host x.x.178.150 host x.x.177.6 eq telnet

access-list 100 permit tcp host x.x.178.140 host x.x.177.6 eq telnet

access-list 100 permit tcp host x.x.180.4 host x.x.177.6 eq telnet

access-list 100 permit tcp host x.x.178.150 host x.x.177.6 eq www

access-list 100 permit tcp host x.x.178.140 host x.x.177.6 eq www

access-list 100 deny   tcp any host x.x.177.6 eq telnet

access-list 100 deny   tcp any host x.x.177.6 eq 22

access-list 100 deny   tcp any host x.x.177.6 eq www

access-list 100 deny   tcp any host x.x.177.6 eq 443

access-list 100 deny   tcp any host x.x.177.6 eq cmd

access-list 100 deny   udp any host x.x.177.6 eq snmp

access-list 100 permit ip any any

access-list 101 remark CCP_ACL Category=1

access-list 101 permit ip host x.x.178.150 any

access-list 101 permit ip host x.x.178.140 any

access-list 101 permit ip host x.x.180.2 any

access-list 101 permit ip host x.x.178.67 any

access-list 101 permit ip host x.x.1.2 any

access-list 101 deny   ip any any

no cdp advertise-v2

no cdp run

!

!

!

!

route-map ISPA permit 10

set as-path prepend xxx

!

route-map A_LINE permit 10

match ip address 30

set as-path prepend xxx xxx xxx

!

route-map A_LINE permit 20

match ip address 10

!

route-map B_LINE permit 10

match ip address 10

set as-path prepend xxx xxx xxx

!

route-map B_LINE permit 20

match ip address 30

!

route-map DEFAULT-ROUTE permit 10

match ip address 10

set ip next-hop verify-availability z.z.66.129 1 track 1

set ip next-hop verify-availability w.w.172.249 2 track 2

!

route-map DEFAULT-ROUTE permit 20

match ip address 30

set ip next-hop verify-availability w.w.172.249 1 track 2

set ip next-hop verify-availability z.z.66.129 2 track 1

!

snmp-server community ********* RO

snmp-server trap-source GigabitEthernet0/1

!

radius-server host x.x.180.2 auth-port 1812 acct-port 1813 key 7 *******

!

control-plane

!

!

!

!

!

!

line con 0

transport output telnet

stopbits 1

line aux 0

transport output telnet

stopbits 1

line vty 0 4

access-class 101 in

password 7 ***********

transport input telnet ssh

!

event manager applet shutdown_BGP_Bline

event track 1 state down

action 1.0 cli command "enable"

action 1.1 cli command "clear ip bgp w.w.172.249 all"

event manager applet shutdown_BGP_Aline

event track 2 state down

action 2.0 cli command "enable"

action 2.1 cli command "clear ip bgp z.z.66.129 all"

!

end

Labels:
0 Helpful
1 Reply 1

Dr.X
Level 2
Level 2

‎01-10-2014 11:25 AM

hi ,

have u found the soltution for this issue ??

if so ,

let me know it

regards

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card