سلام دوستان
اقا من یه as533 دارم که کاره NAT و Gateway رو انجام میده
نمیدونم چرا بعضی وقتا CPU Usage میره بالا (Ipinput 98%) بعداز 1-2 دقیقه خودش میاد پایین
این اتفاق حتی زمانی که یوزر هم کمه پیش میاد
ارت بهش وصله فقط 2E1 روش فعاله
لطفا نظر بدین که از کجا میتونه باشه؟
------------------------------------------------
User Access Verification
Router#sh run
Building configuration...
Current configuration : 5741 bytes
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Router
!
spe 1/0 1/9
firmware location flash:mica-modem-pw.2.9.5.0.bin
!
!
resource-pool disable
!
aaa new-model
!
!
aaa authentication login default group radius local
aaa authentication login no_tacacs local
aaa authentication enable default enable group radius
aaa authentication ppp default group radius
aaa authorization exec default local group radius if-authenticated
aaa authorization network default group radius local
aaa accounting nested
aaa accounting update newinfo
aaa accounting exec default start-stop group radius
aaa accounting network default start-stop group radius
aaa session-id common
ip subnet-zero
ip rcmd rsh-enable
ip rcmd remote-host system x.y.z.w system enable
ip cef
ip host nttac x.y.z.w
ip host aaa x.y.z.w
ip name-server 217.218.127.104
ip name-server 192.9.9.3
ip name-server 217.218.155.105
ip name-server 217.218.127.105
!
isdn switch-type primary-net5
!
!
!
controller E1 0
framing NO-CRC4
clock source line primary
ds0-group 1 timeslots 1-15,17-31 type r2-digital
cas-custom 1
!
controller E1 1
framing NO-CRC4
clock source line secondary 1
ds0-group 1 timeslots 1-15,17-31 type r2-digital
cas-custom 1
!
controller E1 2
clock source line secondary 2
pri-group timeslots 1-31
!
controller E1 3
clock source line secondary 3
pri-group timeslots 1-31
!
controller E1 4
clock source line secondary 4
!
controller E1 5
clock source line secondary 5
!
controller E1 6
clock source line secondary 6
!
controller E1 7
clock source line secondary 7
!
!
interface Ethernet0
ip address 10.10.1.2 255.255.255.0
shutdown
no cdp enable
!
interface Serial0
ip unnumbered FastEthernet0
ip access-group 115 in
ip nat outside
no ip mroute-cache
ip policy route-map cach
no fair-queue
no cdp enable
!
interface Serial1
no ip address
shutdown
clockrate 2015232
no fair-queue
no cdp enable
!
interface Serial2
no ip address
shutdown
clockrate 2015232
no fair-queue
no cdp enable
!
interface Serial3
no ip address
shutdown
clockrate 2015232
no fair-queue
no cdp enable
!
interface Serial2:15
no ip address
encapsulation ppp
dialer rotary-group 10
isdn switch-type primary-net5
isdn incoming-voice modem
isdn calling-number 9713200
no cdp enable
!
interface Serial3:15
ip unnumbered FastEthernet0
encapsulation ppp
ip tcp header-compression passive
isdn switch-type primary-net5
isdn incoming-voice modem
isdn calling-number 9713200
!
interface FastEthernet0
ip address 172.16.20.100 255.255.255.0 secondary
ip address 192.168.0.1 255.255.255.0 secondary
ip address x.y.z.p 255.255.255.252
ip access-group 115 out
ip nat inside
rate-limit input access-group 120 8000 2250 4500 conform-action continue exceed
-action drop
rate-limit output access-group 120 56000 11250 22500 conform-action continue ex
ceed-action drop
no ip mroute-cache
duplex full
speed 100
no cdp enable
!
interface Group-Async0
ip unnumbered FastEthernet0
ip access-group 115 in
ip access-group 115 out
ip nat inside
encapsulation ppp
ip tcp header-compression
ip tcp compression-connections 100
no ip mroute-cache
async default routing
async mode interactive
peer default ip address pool default
no keepalive
compress mppc
ppp authentication pap chap ms-chap
group-range 1 120
!
interface Dialer10
ip unnumbered FastEthernet0
encapsulation ppp
no ip mroute-cache
dialer in-band
dialer idle-timeout 900
peer default ip address pool default
no cdp enable
ppp authentication pap chap ms-chap
ppp multilink
!
ip local pool default 172.16.20.1 172.16.20.61
ip nat pool nat_inside x.y.z.p x.y.z.p netmask 255.255.255.240
ip nat inside source list 1 pool nat_inside overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0
no ip http server
!
!
access-list 1 permit 192.168.0.10
access-list 1 permit 172.16.20.0 0.0.0.255
access-list 6 permit x.y.z.w
access-list 110 permit tcp 172.16.20.0 0.0.0.255 any eq www
access-list 110 deny ip any any
access-list 115 deny tcp any any eq 135
access-list 115 deny udp any any eq 135
access-list 115 deny udp any any eq netbios-ns
access-list 115 deny udp any any eq netbios-dgm
access-list 115 deny tcp any any eq 139
access-list 115 deny udp any any eq netbios-ss
access-list 115 deny tcp any any eq 445
access-list 115 deny tcp any any eq 593
access-list 115 deny tcp any any eq 4444
access-list 115 permit icmp 80.124.25.0 0.0.0.243 any
access-list 115 permit icmp any 80.124.25.0 0.0.0.243
access-list 115 deny icmp any any
access-list 115 permit ip any any
access-list 115 deny udp any any eq 1434
access-list 115 deny tcp any any eq 54283
access-list 115 deny tcp any any eq 2773
access-list 115 deny tcp any any eq 27374
access-list 115 deny tcp any any eq 1243
access-list 120 permit ip host 172.16.20.200 any
no cdp run
route-map cache permit 10
match ip address 110
set ip next-hop 172.16.20.150
!
snmp-server community snmp-newnet RO 1
snmp-server community public RW 6
snmp-server enable traps tty
radius-server host x.y.z.w auth-port 1645 acct-port 1646
radius-server retransmit 10
radius-server authorization permit missing Service-Type
!
line con 0
exec-timeout 0 0
logging synchronous
line 1 120
no flush-at-activation
modem InOut
modem autoconfigure type mica
transport input all
autoselect during-login
autoselect ppp
line aux 0
line vty 0 4
login authentication no_tacacs
!
!
end
Router#
موضوعات مشابه: