[prev in list] [next in list] [prev in thread] [next in thread]
List: unbound-users
Subject: Re: Feature request
From: Yuri via Unbound-users <unbound-users () nlnetlabs ! nl>
Date: 2019-03-11 13:35:34
Message-ID: cdb7a8dd-5905-58d9-2100-ea87202fb9a0 () gmail ! com
[Download RAW message or body]
11.03.2019 19:08, Tony Finch пишет:
> Yuri via Unbound-users <unbound-users@nlnetlabs.nl> wrote:
>> For DNS interception (to Unbound, of course) I'm using PBR:
>>
>> ip access-list extended intercept-ports
>> permit udp any any eq domain
>> permit tcp any any eq domain
>> deny ip any any
>> !
>> !
>> route-map redirect_dns permit 30
>> match ip address intercept-ports
>> set ip next-hop 192.168.200.3
>> !
>>
>> which processes on router CPU and sometimes overload them.
> That sounds to me like something that should be solvable with a
> configuration fix. Maybe this?
> https://community.cisco.com/t5/switching/high-cpu-usage-after-configured-pbr/td-p/2325961
Nop. This is specifix Catalyst 4500 switch solution.
But I'm talking about routers. At least, ISRG2 family.
>
> Tony.
--
"C++ seems like a language suitable for firing other people's legs."
*****************************
* C++20 : Bug to the future *
*****************************
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic