Re: Haven't found info on max conn/max conn per second for ISR r
Very sad, that there are no numbers. A few years ago there were quite detailed infos available, e.g. how many bytes of RAM a CBAC-connection needs etc... so could at least give a *very rough* estimate if you know how much free mem you have, even if you calculate an insecurity of -50% to +100% you could at least have a rough estimate.
I do not agree on link speed as the primary issue. With short connections on a saturated 10 MBit/s line it could mean some 2000 or 1000 connections per second if you estimate a "short connection" at roughly 500 or 1000 bytes.
And with up to 2000 clients beeing active at the same time and each of the clients probably occupying several connections (maybe up to 10 or 20 because of connection/translation timeouts) you could end up with 20000 entries or more in the NAT and connection tables.
That seems to me a higher impact than a forwarding rate of 10 MBit/s
But thx anyhow and rgds,
Addendum: I have seen posts on message boards, reporting "cpu meltdown" on a 2811 with around 3000 conn/second and on a 1811 with around 1000 conn/second. That's why I was asking.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...