I have a 7505 with an RSP2 running IOS 12.4. One of the boards is a VIP2-50, and on that board is a PA-FE-TX and a PA-4E. The PA-FE-TX is attached to my routed public network, and one of the ports on the PA-4E is attached to my NATed private one.
The outbound connection is a PPPoE DSL line at 3Mbps, which is on another port of the PA-4E. All interfaces have full-duplex turned on. When I download something on the internet using a machine on the public network, it downloads more than 10 (probably more than 100) times faster than a download of the same file from the same server performed from any of the machines on the private network. Moreover, an SFTP file transfer moving a file from a machine on the public network to a machine on the private network only transfers at about 150KB/s. A Windows file sharing transfer doesn't go much faster, so it's not the encryption doing it. My configuration follows: ! ! Last configuration change at XXXXXXXXXXXXXXXXXXXXXXXXXXXX by XXXXXXXXX ! NVRAM config last updated at XXXXXXXXXXXXXXXXXXXXXXXXXXXX by XXXXXXXXX ! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption service single-slot-reload-enable ! hostname blackcube ! boot-start-marker boot system slot1:rsp-jk9o3sv-mz.124-1a.bin boot bootldr slot0:rsp-boot-mz.124-1a.bin boot-end-marker ! ! redundancy enable secret XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ! aaa new-model ! ! ! aaa session-id common ! resource policy ! ip subnet-zero ! ! ip cef distributed ip domain name ikickass.org ip name-server 168.100.193.130 ip name-server 168.100.250.212 no ip dhcp use vrf connected ! ! ip multicast-routing distributed no ip ips deny-action ips-interface ip ssh time-out 60 ip ssh authentication-retries 2 ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! username XXXXXXXXXXXXXX password X XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ! ! ! ! ! interface FastEthernet2/0/0 ip address 168.100.193.129 255.255.255.224 full-duplex ! interface Ethernet2/1/0 no ip address no ip redirects no ip unreachables no ip proxy-arp ip mroute-cache distributed full-duplex pppoe enable pppoe-client dial-pool-number 1 no cdp enable ! interface Ethernet2/1/1 ip address 172.22.22.1 255.255.255.0 ip nat inside ip virtual-reassembly full-duplex ! interface Ethernet2/1/2 no ip address no ip route-cache cef no ip route-cache distributed no ip route-cache shutdown full-duplex ! interface Ethernet2/1/3 no ip address no ip route-cache cef no ip route-cache distributed no ip route-cache shutdown ! interface Virtual-Template1 no ip address ! interface Dialer1 mtu 1492 ip address negotiated no ip unreachables ip nat outside ip virtual-reassembly encapsulation ppp ip tcp adjust-mss 1452 no ip mroute-cache dialer pool 1 dialer-group 1 no cdp enable ppp authentication pap callin ppp chap hostname XXXXXXXXXXXXXXXXX ppp chap password X XXXXXXXXXXXXXXXXXXXXXXX ppp pap sent-username XXXXXXXXXXXXX password X XXXXXXXXXXXXXX ! ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 ! no ip http server no ip http secure-server ! ip nat inside source list 1 interface Dialer1 overload ! access-list 1 permit 172.22.22.0 0.0.0.255 ! ! ! ! control-plane ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 password XXXXXXXXXXXXXXXXX transport input ssh line vty 5 99 password XXXXXXXXXXXXXXXXXXXXX transport input ssh line vty 100 999 transport input ssh ! ntp clock-period 17180016 ntp server 168.100.193.130 prefer ! end Peace... Sridhar _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
