Adtran
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Anonymous
Not applicable
‎05-07-2012 11:19 AM

High CPU Utilization on 1335 when using GRE over VPN

Jump to solution

     Any ideas what the limitations are on number of  GRE over VPN tunnels a 1335 can support.  I am currently doing about 9 with OSPF on the GRE  tunnels and the processor runs at about 80% utilization and the process that is consuming the most is packet routing process at about 50-60% of the processing power.

Labels (2)
Labels
0 Kudos
Reply
1 Solution

Accepted Solutions
Anonymous
Not applicable
‎05-07-2012 11:50 AM

Re: High CPU Utilization on 1335 when using GRE over VPN

Jump to solution

OSPF, GRE, and IPSEC are all processor-intensive functions and when combined they're even worse. Unfortunately there are no hard and fast rules about this sort of thing, since everyone's network will be different. We have no way of testing all the various scenario's, so we end up with some generalities.

Given what you've described I would generally say to stop at 5 GRE w/IPSEC tunnels and OSPF in a 1335, in order to leave some headroom in the CPU for spikes of activity. Going up to 9-15  tunnels like that you would want a unit with a more robust processor, perhaps a NetVanta 3430 but even then I wouldn't exceed 15 in that unit.

Regards,

Ronnie Colvin

Adtran Applications Engineering

View solution in original post

0 Kudos
Reply
6 Replies
Anonymous
Not applicable
‎05-07-2012 11:50 AM

Re: High CPU Utilization on 1335 when using GRE over VPN

Jump to solution

OSPF, GRE, and IPSEC are all processor-intensive functions and when combined they're even worse. Unfortunately there are no hard and fast rules about this sort of thing, since everyone's network will be different. We have no way of testing all the various scenario's, so we end up with some generalities.

Given what you've described I would generally say to stop at 5 GRE w/IPSEC tunnels and OSPF in a 1335, in order to leave some headroom in the CPU for spikes of activity. Going up to 9-15  tunnels like that you would want a unit with a more robust processor, perhaps a NetVanta 3430 but even then I wouldn't exceed 15 in that unit.

Regards,

Ronnie Colvin

Adtran Applications Engineering

0 Kudos
Reply
Anonymous
Not applicable
‎05-07-2012 01:11 PM

Re: High CPU Utilization on 1335 when using GRE over VPN

Jump to solution

So what would be the suggested router to accomplish up to 10 connections and have room for 20 total.  Would a 4430 be able to handle this.

0 Kudos
Accept as Solution Reply
Anonymous
Not applicable
‎05-07-2012 01:14 PM

Re: High CPU Utilization on 1335 when using GRE over VPN

Jump to solution

For growth up to 20 GRE w/IPSEC and OSPF, I would definitely recommend the 4430. It would be the only one with the horsepower to deal with the encryption and the OSPF with GRE and still be able to do everything else it needs to do (I'm guessing there's firewall going on, possibly QoS/traffic shaping, etc)

0 Kudos
Accept as Solution Reply
Anonymous
Not applicable
‎05-07-2012 05:50 PM

Re: High CPU Utilization on 1335 when using GRE over VPN

Jump to solution

We are doing VOIP across so yes QOS and traffic shaping.

Accept as Solution Reply
Anonymous
Not applicable
‎07-09-2012 09:30 AM

Re: High CPU Utilization on 1335 when using GRE over VPN

Jump to solution

I went ahead and flagged this post as “Assumed
Answered.”  If any of the responses on this thread assisted you, please
mark them as either Correct or Helpful answers with the applicable
buttons.  This will make them visible and help other members of the
community find solutions more easily as well as award points to the users that
helped you.  If you still need assistance, I would be more than happy to
continue working with you on this - just let me know in a reply.

0 Kudos
Accept as Solution Reply
Anonymous
Not applicable
‎02-15-2013 01:23 PM

Re: High CPU Utilization on 1335 when using GRE over VPN

Jump to solution

:

I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post and unmark it and select another in its place with the applicable buttons.  If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.

Thanks,

Levi

0 Kudos
Accept as Solution Reply