نوشته اصلی توسط
aryagohar
بطور طبيعي با ايجاد NAT بار افزايش پيدا مي كنه. ولي نحوه تعريف Access-group هاي شما در 2 تا از اينترفيس ها به يك صورت مزيد بر علت شده.
اگه access-group ها رو كمتر كني و دقيقا به صورتي كه درست هست اعمال كني پروسس روترت بين 10 تا 15 درصد كمتر ميشه
با سلام
تنظيمات زير انجام دادم تغيير فاحشي رخ نداد
hostname 2511
!
aaa new-model
a
aa authentication login default local
aaa authentication ppp nttac radius local
aaa authorization network nttac radius
aaa accounting update newinfo
aaa accounting exec nttac start-stop radius
aaa accounting network default none
aaa accounting network nttac start-stop radius
enable secret 5 ???/
!
username user1 privilege 15 password 0 ????
username user password 0 ????
ip subnet-zero
ip rcmd rsh-enable
ip rcmd remote-host SYSTEM 192.168.1.10 SYSTEM enable
ip name-server 4.2.2.4
ip name-server 192.9.9.3
ip name-server 195.146.32.2
ip name-server 195.146.32.66
!
!
!
interface Ethernet0
ip address 192.168.1.1 255.255.255.0
no ip directed-broadcast
ip nat inside
!
interface Serial0
no ip address
no ip directed-broadcast
shutdown
!
interface Serial1
ip address x.x.x.x x.x.x.x (ip valid - subnet)
ip access-group wall in
no ip directed-broadcast
ip nat outside
interface Group-Async1
ip unnumbered Ethernet0
no ip directed-broadcast
encapsulation ppp
no ip mroute-cache
async mode interactive
peer default ip address pool pool1
ppp authentication pap nttac
ppp authorization nttac
ppp accounting nttac
group-range 1 16
!
ip local pool pool1 x.x.x.x x.x.x.x (ip valid)
ip nat inside source list 1 interface Serial1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial1
ip access-list extended wall
deny tcp any any eq 445
deny tcp any any eq 135
deny tcp any any eq 139
deny tcp any any eq 593
deny tcp any any eq 4444
deny udp any any eq 1434
deny udp any any eq 135
deny udp any any eq netbios-ns
deny udp any any eq netbios-dgm
deny udp any any eq netbios-ss
deny tcp any any eq 136
deny tcp any any eq 137
deny tcp any any eq 138
deny udp any any range 995 999
deny tcp any any eq 1434
deny udp any any eq ntp
deny icmp any any echo
deny icmp any any echo-reply
permit ip any any
access-list 1 permit 192.168.1.0 0.0.0.255
snmp-server community ???? RW 15
radius-server configure-nas
radius-server host 192.168.1.10 auth-port 1645 acct-port 1646
radius-server timeout 7
radius-server deadtime 10
!
line con 0
transport input none
line 1 16
autoselect during-login
autoselect ppp
modem answer-timeout 10
modem Dialin
modem autoconfigure discovery
terminal-type vt100
transport input all
escape-character BREAK
autohangup
speed 115200
flowcontrol hardware
line aux 0
line vty 0 4
نتيجه اين شد
CPU utilization for five seconds: 45%/29%; one minute: 31%; five minutes: 31%
PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
1 36528 52099 701 0.00% 0.01% 0.00% 0 Load Meter
2 2356 191 12335 0.40% 1.60% 0.60% 18 Virtual Exec
3 1155428 68486 16871 0.00% 0.40% 0.39% 0 Check heaps
4 2368 835 2835 0.00% 0.00% 0.00% 0 Pool Manager
5 4 2 2000 0.00% 0.00% 0.00% 0 Timers
6 21360 1091 19578 0.00% 0.00% 0.00% 0 Serial Backgroun
7 26644 6499 4099 0.00% 0.00% 0.00% 0 ARP Input
8 392 718 545 0.00% 0.00% 0.00% 0 DDR Timers 9 20 2 10000 0.00% 0.00% 0.00% 0 Entity MIB API
10 0 1 0 0.00% 0.00% 0.00% 0 SERIAL A'detect 11 8927572 2126370 4198 15.67% 2.33% 0.97% 0 IP Input
12 90040 36060 2496 0.00% 0.02% 0.00% 0 CDP Protocol
13 47916 33322 1437 0.00% 0.00% 0.00% 0 Asy FS Helper
14 4240 3587 1182 0.00% 0.00% 0.00% 0 PPP IP Add Route
15 0 1 0 0.00% 0.00% 0.00% 0 X.25 Encaps Mana 16 92 138 666 0.00% 0.00% 0.00% 0 TCP Timer
17 44 8 5500 0.00% 0.00% 0.00% 0 TCP Protocols
18 0 1 0 0.00% 0.00% 0.00% 0 Probe Input
19 0 1 0 0.00% 0.00% 0.00% 0 RARP Input
20 10532 1627 6473 0.00% 0.00% 0.00% 0 BOOTP Server
21 224068 11388 19675 0.00% 0.03% 0.04% 0 IP ackground
22 30368 4354 6974 0.00% 0.00% 0.00% 0 IP Cache Ager
23 4 1 4000 0.00% 0.00% 0.00% 0 PAD InCall
24 0 2 0 0.00% 0.00% 0.00% 0 X.25 Background
25 0 1 0 0.00% 0.00% 0.00% 0 Socket Timers
26 4 1 4000 0.00% 0.00% 0.00% 0 ISDN Timer
27 34336 5297 6482 0.00% 0.01% 0.00% 0 PPP auth
28 0 1 0 0.00% 0.00% 0.00% 0 CallMIB Backgrou
29 0 1 0 0.00% 0.00% 0.00% 0 ISDNMIB Backgrou 30 0 1 0 0.00% 0.00% 0.00% 0 SNMP ConfCo
31 8 2 4000 0.00% 0.00% 0.00% 0 Critical Bkgnd
32 432596 63787 6781 0.00% 0.06% 0.07% 0 Net Background
33 3404 10578 321 0.00% 0.00% 0.00% 0 Logger
34 87840 260022 337 0.00% 0.00% 0.00% 0 TTY Background
35 42540 260083 163 0.00% 0.00% 0.00% 0 Per-Second Jobs
36 14300 26093 548 0.00% 0.00% 0.00% 0 Net Input
37 412232 52100 7912 0.16% 0.12% 0.10% 0 Compute load avg
38 542272 4343 124861 0.00% 0.16% 0.16% 0 Per-minute Jobs
39 4844 18431 262 0.00% 0.00% 0.00% 0 IP NAT Ager
40 7632 2134 3576 0.00% 0.00% 0.00% 0 AAA Accounting
41 4 2 2000 0.00% 0.00% 0.00% 0 CCP manager
42 39760 12853 3093 0.00% 0.00% 0.00% 0 PPP manager
43 24060 260341 92 0.00% 0.00% 0.00% 0 Multilink PPP
44 4 2 2000 0.00% 0.00% 0.00% 0 Multilink PPP
45 4 2 2000 0.00% 0.00% 0.00% 0 Multilink event
46 0 1 0 0.00% 0.00% 0.00% 0 SNMP Timers
47 632 29 21793 0.00% 0.00% 0.00% 0 IP SNMP
48 0 1 0 0.00% 0.00% 0.00% 0 SNMP Traps
49 11844 6356 1863 0.00% 0.00% 0.00% 0 RADIUS
به نظر شما براي 4 يوزر فعال پروسس بالا نيست ؟
m.dehghan