[prev in list] [next in list] [prev in thread] [next in thread]
List: cisco-nas
Subject: Re: [cisco-nas] VPN on Cisco AS53xx
From: David Lin <david.lin () msn ! com>
Date: 2008-08-26 20:35:44
Message-ID: BLU140-W789041B30317C2115108EFE660 () phx ! gbl
[Download RAW message or body]
Well, I will use another box for VPN. Thanks!
> Date: Tue, 26 Aug 2008 13:15:50 -0700> From: Aaron@cisco.com> To: \
> david.lin@msn.com> CC: cisco-nas@puck.nether.net> Subject: Re: [cisco-nas] VPN on \
> Cisco AS53xx> > David,> > I think, even with 60% peak CPU load, I'd be wary of \
> running the IPsec> tunnels into this 5350. Better to run the IPsec into a separate \
> box> with some dedicated crypto hw - for a few tunnels, even an 871 or 851> would \
> do the trick.> > As far as L2TP ... that's a non-encrypted tunneling protocol \
> that's> typically used in the following applications:> > * tunneling layer 2 \
> traffic over an IP network (see L2TPv3)> * wholesale network access for dial / \
> PPPoA customers> > > If you haven't heard of it, you probably don't want it ...> > \
> Aaron> > ----> > > Aaron,> > Thanks your comment.> > I meant it's used 80% of \
> circuit channel capacity. The CPU usage is up> > to 60% at the peak time. And I'm \
> gonna use IPSec VPN.(Can you briefly> > explain the L2TP configuration on AS53xx?)> \
> > > > David> > > > > >> >> > > Date: Tue, 26 Aug 2008 10:53:22 -0700> > > From: \
> > > > Aaron@cisco.com> > > To: david.lin@msn.com> > > CC: \
> > > > cisco-nas@puck.nether.net> > > Subject: Re: [cisco-nas] VPN on Cisco AS53xx> \
> > > > > >> > > David,> > >> > > Not sure what you mean by "80% of capacity". Do you \
> > > > > > > > > mean that the CPU> > > is 80% busy? If so, then I wouldn't want to \
> > > > > > > > > terminate VPN into this> > > box, because the 5350 does crypto in \
> > > > > > > > > software. (Assuming that you are> > > referring to crypto VPN such \
> > > > > > > > > as IPsec, not unencrypted VPN such as L2TP,> > > which is not too \
> > > > > > > > > CPU intensive.)> > >> > > Aaron> > >> > > \
> > > > > > > > > ------------------------------------------------------------------------> \
> > > > > > > > > > >> > > > Hi all,> > > > I have a Cisco AS5350 which is carrying \
> > > > > > > > > > > > > > > calls up to 80% of capacity.> > > > Is it good for \
> > > > > > > > > > > > > > > setting up VPN connections(roughly 10) on this \
> > > > > > > > > > > > > > > gateway?> > > >> > > > Thanks,> > > >> > > > David> > > \
> > > > > > > > > > > > > > > >> > > >> > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
> > > > > > > > > > > > > > > > > > > > > > \
_________________________________________________________________
Find hidden words, unscramble celebrity names, or try the ultimate crossword puzzle \
with Live Search Games. Play now! http://g.msn.ca/ca55/212
[Attachment #3 (text/html)]
<html>
<head>
<style>
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
FONT-SIZE: 10pt;
FONT-FAMILY:Tahoma
}
</style>
</head>
<body class='hmmessage'>
Well, I will use another box for VPN. Thanks!<BR>
<BR><BR>> Date: Tue, 26 Aug 2008 13:15:50 -0700<BR>> From: \
Aaron@cisco.com<BR>> To: david.lin@msn.com<BR>> CC: \
cisco-nas@puck.nether.net<BR>> Subject: Re: [cisco-nas] VPN on Cisco \
AS53xx<BR>> <BR>> David,<BR>> <BR>> I think, even with 60% peak CPU load, \
I'd be wary of running the IPsec<BR>> tunnels into this 5350. Better to run the \
IPsec into a separate box<BR>> with some dedicated crypto hw - for a few tunnels, \
even an 871 or 851<BR>> would do the trick.<BR>> <BR>> As far as L2TP ... \
that's a non-encrypted tunneling protocol that's<BR>> typically used in the \
following applications:<BR>> <BR>> * tunneling layer 2 traffic over an IP \
network (see L2TPv3)<BR>> * wholesale network access for dial / PPPoA \
customers<BR>> <BR>> <BR>> If you haven't heard of it, you probably don't \
want it ...<BR>> <BR>> Aaron<BR>> <BR>> ----<BR>> <BR>> > \
Aaron,<BR>> > Thanks your comment.<BR>> > I meant it's used 80% of \
circuit channel capacity. The CPU usage is up<BR>> > to 60% at the peak time. \
And I'm gonna use IPSec VPN.(Can you briefly<BR>> > explain the L2TP \
configuration on AS53xx?)<BR>> > <BR>> > David<BR>> > <BR>> > \
<BR>> ><BR>> ><BR>> > > Date: Tue, 26 Aug 2008 10:53:22 \
-0700<BR>> > > From: Aaron@cisco.com<BR>> > > To: \
david.lin@msn.com<BR>> > > CC: cisco-nas@puck.nether.net<BR>> > > \
Subject: Re: [cisco-nas] VPN on Cisco AS53xx<BR>> > ><BR>> > > \
David,<BR>> > ><BR>> > > Not sure what you mean by "80% of \
capacity". Do you mean that the CPU<BR>> > > is 80% busy? If so, then I \
wouldn't want to terminate VPN into this<BR>> > > box, because the 5350 does \
crypto in software. (Assuming that you are<BR>> > > referring to crypto VPN \
such as IPsec, not unencrypted VPN such as L2TP,<BR>> > > which is not too \
CPU intensive.)<BR>> > ><BR>> > > Aaron<BR>> > ><BR>> \
> > ------------------------------------------------------------------------<BR>> \
> ><BR>> > > > Hi all,<BR>> > > > I have a Cisco AS5350 \
which is carrying calls up to 80% of capacity.<BR>> > > > Is it good for \
setting up VPN connections(roughly 10) on this gateway?<BR>> > > \
><BR>> > > > Thanks,<BR>> > > ><BR>> > > > \
David<BR>> > > ><BR>> > > ><BR>> > \
------------------------------------------------------------------------<BR>> > \
> ><BR>> > \
------------------------------------------------------------------------<BR>> > \
> ><BR>> > > > \
_______________________________________________<BR>> > > > cisco-nas \
mailing list<BR>> > > > cisco-nas@puck.nether.net<BR>> > > > \
https://puck.nether.net/mailman/listinfo/cisco-nas<BR>> > ><BR>> \
><BR>> ><BR>> > \
------------------------------------------------------------------------<BR>> \
<BR><BR><br /><hr /> <a href='' target='_new'></a></body> </html>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic