Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

decreased cat3750 performance with PBR config

Hello,

Since we have activated PBR on our layer 3 switch (cat3750),the performance has severely decreased.

Is there something about the config?

There are some 30 vlans and the purpose is that services with ip addresses from 10.7.2.8 - 10.7.2.15 which are backup servers don't have to pass the firewall which has address 10.5.1.1

Here's a part of the config and version output:

interface Vlan416

ip address 172.24.16.1 255.255.255.0 secondary

ip address 10.7.16.1 255.255.255.0

no ip redirects

no ip unreachables

ip policy route-map tofwc00002

no ip mroute-cache

!

interface Vlan417

ip address 172.24.17.1 255.255.255.0 secondary

ip address 10.7.17.1 255.255.255.0

no ip redirects

no ip unreachables

ip policy route-map tofwc00002

interface Vlan420

ip address 10.7.20.1 255.255.255.0 secondary

ip address 172.18.3.1 255.255.255.0

no ip redirects

no ip unreachables

ip policy route-map tofwc00002

ip access-list extended BE_Vlantovlan

deny ip 10.7.2.8 0.0.0.7 172.16.0.0 0.15.255.255

deny ip 172.16.0.0 0.15.255.255 10.7.2.8 0.0.0.7

deny ip 172.18.4.0 0.0.0.255 10.0.0.0 0.255.255.255

deny ip 10.0.0.0 0.255.255.255 172.18.4.0 0.0.0.255

deny ip 172.18.4.0 0.0.0.255 172.16.0.0 0.15.255.255

deny ip 172.16.0.0 0.15.255.255 172.18.4.0 0.0.0.255

permit ip 10.6.0.0 0.1.255.255 172.16.0.0 0.15.255.255

permit ip 172.16.0.0 0.15.255.255 10.6.0.0 0.1.255.255

permit ip 172.16.0.0 0.15.255.255 172.16.0.0 0.15.255.255

deny ip any any

route-map tofwc00002 permit 10

match ip address BE_Vlantovlan

set ip next-hop 10.5.1.1

# sh ver

Cisco IOS Software, C3750 Software (C3750-IPSERVICES-M), Version 12.2(25)SEB4, RELEASE SOFTWARE (fc1)

Copyright (c) 1986-2005 by Cisco Systems, Inc.

Compiled Tue 30-Aug-05 15:47 by yenanh

ROM: Bootstrap program is C3750 boot loader

BOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.2(25r)SEB1, RELEASE SOFTWARE (fc)

easw00045 uptime is 1 week, 5 days, 6 hours, 17 minutes

System returned to ROM by power-on

System image file is "flash:c3750-ipservices-mz.122-25.SEB4/c3750-ipservices-mz.122-25.SEB4.bin"

cisco WS-C3750G-24T (PowerPC405) processor (revision L0) with 118784K/12280K bytes of memory.

Processor board ID CAT0941Z0VM

Last reset from power-on

28 Virtual Ethernet interfaces

48 Gigabit Ethernet interfaces

The password-recovery mechanism is enabled.512K bytes of flash-simulated non-volatile configuration memory.

Base ethernet MAC Address : 00:15:C6:C7:CC:00

Motherboard assembly number : 73-9679-08

Power supply part number : 341-0048-03

Motherboard serial number : CAT094105UG

Power supply serial number : DTH09362ZWB

Model revision number : L0

Motherboard revision number : A0

Model number : WS-C3750G-24T-E

System serial number : CAT0941Z0VM

Top Assembly Part Number : 800-26633-01

Top Assembly Revision Number : B0

Version ID : V05

CLEI Code Number : COMR200BRA

Hardware Board Revision Number : 0x02

Anyone who was an idea? known issue with Cisco or config problem?

Thanks for your advice,it would be highly appreciated.

Kind regards,

Kurt

2 REPLIES
New Member

Re: decreased cat3750 performance with PBR config

if using the default sdm template, try changing the Switch Database Manager template to routing

'sdm prefer routing'

http://www.cisco.com/en/US/products/hw/switches/ps5023/products_configuration_guide_chapter09186a00805a6506.html#wp1055606

New Member

Re: decreased cat3750 performance with PBR config

Hi there,

thanks for you reply.

I will give it a try.

Kurt

122
Views
0
Helpful
2
Replies
CreatePlease login to create content