We run 7206 NPE-G1s on some GigE peering points. At about 800Mbps of aggregate Internet traffic (inbound + outbound, as measured from Cacti) the CPU sits around 70%. Setup: - inbound and outbound Internet-facing ACLs (50 lines and 25 lines respectively, turbo ACL) - Inbound Internet-facing policy-map to remark DSCP (references 7-line ACL) - minimal routes via BGP (approx 1500) - 15.1 SP train YMMV, but they work well for us in this scenario. With downstream-to-upstream traffic patterns of approx 7-to-1 the GigE and CPU will peak out at about the same time. Side note - our G2s at that same 800Mbps traffic rate run at approx 60% CPU. Cheers Mark W On 2/11/14 2:10 AM, "Geraint Jones" <geraint@koding.com> wrote:
Or assuming your using an Ethernet of some sort as your upstream connections you could grab something like a CCR from mikrotik for < $1k and sleep easy knowing you're only using 6% of it's capacity.
Sent from my iPhone •
On 11/02/2014, at 3:52 pm, Octavio Alvarez <alvarezp@alvarezp.ods.org> wrote:
On 02/10/2014 06:05 PM, Vlade Ristevski wrote: Are you suggesting getting the default gateway from both providers or getting the full table from one and using the default as a backup on the other (7206)?
Whatever suits you best. Test and see. I'd just receive the full table anyway but filter them out, letting only the default routes go into the RIB. This should streamline your FIB. As I say, you lose outbound load balancing and your redundancy becomes all-or-nothing, but you save a few cycles.
Again, I wouldn't recommend any of this because of the drawbacks, but along with other recommendations that others have made, like Turbo ACLs, it may buy you some time.