Cisco Systems 10000 Network Router User Manual


  Open as PDF
of 624
 
2-5
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 2 Scalability and Performance
Scaling Enhancements in Cisco IOS Release 12.2(33)SB
Scaling Enhancements in Cisco IOS Release 12.2(33)SB
Cisco IOS Release 12.2(33)SB provides increased scalability for the Layer 4 Redirect feature.
Layer 4 Redirect Scaling
The Layer 4 Redirect feature allows redirection of users' TCP or UDP traffic to a server to control and
increase performance. In Cisco IOS Release12.2(33)SB, the ISG L4R feature is implemented in the PXF.
This design increases the number of redirects to provide higher scalability and performance. This
enhancement is a scalable solution for portals and self-provisioning and is supported on PRE3 and PRE4
only. On a PRE2 L4R translations are done in the RP.
PBHK translations are always done in the RP. The L4R feature is scalable when applied alone; however,
certain scalability restrictions apply when it is used with PBHK. See also the
“Limitations and
Restrictions” section on page 2-3.
In Example 2-1, when the destination IP used in the PBHK ACL (162) matches the redirected server IP
address, L4R translations are done in the RP.
Example 2-1 L4R Translations in the Route Processor
class-map type traffic match-any class-l4r
match access-group input 152
policy-map type service ser-l4r
class type traffic class-l4r
redirect to ip 200.0.0.2
ip portbundle
match access-list 162
source loopback 1
access-list 152 deny tcp any host 200.0.0.2
access-list 152 permit tcp any any
access-list 162 permit tcp any host 200.0.0.2
In Example 2-2, when the destination IP used in the PBHK ACL (162) is not the same as the redirected
server IP address, L4R translations are done in the PXF.
Example 2-2 L4R Translations in PXF
class-map type traffic match-any class-l4r
match access-group input 152
policy-map type service ser-l4r
class type traffic class-l4r
redirect to ip 210.0.0.2
ip portbundle
match access-list 162
source loopback 1
access-list 152 deny tcp any host 200.0.0.2
access-list 152 permit tcp any any
access-list 162 permit tcp any host 200.0.0.2
 previous next