netdev
[Top] [All Lists]

RE: Route cache performance under stress

To: Pekka Savola <pekkas@xxxxxxxxxx>
Subject: RE: Route cache performance under stress
From: Jamal Hadi <hadi@xxxxxxxxxxxxxxxx>
Date: Tue, 10 Jun 2003 08:07:41 -0400 (EDT)
Cc: ralph+d@xxxxxxxxx, CIT/Paul <xerox@xxxxxxxxxx>, "'Simon Kirby'" <sim@xxxxxxxxxxxxx>, "'David S. Miller'" <davem@xxxxxxxxxx>, "fw@xxxxxxxxxxxxx" <fw@xxxxxxxxxxxxx>, "netdev@xxxxxxxxxxx" <netdev@xxxxxxxxxxx>, "linux-net@xxxxxxxxxxxxxxx" <linux-net@xxxxxxxxxxxxxxx>
In-reply-to: <Pine.LNX.4.44.0306101432530.21247-100000@xxxxxxxxxx>
References: <Pine.LNX.4.44.0306101432530.21247-100000@xxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx

On Tue, 10 Jun 2003, Pekka Savola wrote:

> On Tue, 10 Jun 2003, Jamal Hadi wrote:
> > Typically, real world is less intense than the lab. Ex: noone sends
> > 100Mbps at 64 byte packet size.
>
> Some attackers do, and if your box dies because of that.. well, you don't
> like it and your managers certainly don't :-)
>

Assuming the attacker has a 100mbps link to you, yes ;->
I am not trying to say we should ignore it; infact all our tests
have been worst case scenarios.

> > Typical packet is around 500 bytes
> > average.
>
> Not sure that's really the case.  I have the impression the traffic is
> basically something like:
>  - close to 1500 bytes (data transfers)
>  - between 40-100 bytes (TCP acks, simple UDP requests, etc.)
>  - something in between
>

Its is typically trimodal (the ACKs, something in the 500 bytes and the
1500 byte end). The 500 average is derived from staring at cdf graphs:

slightly dated more thorough:
http://www.nlanr.net/NA/Learn/packetsizes.html

Frequent collections by sprint:
http://ipmon.sprint.com/packstat/packet.php?030407

so 500 bytes does sound reasonable.
Theres a lot of papers that have been written on this subject.

> > If linux can handle that forwarding capacity, it should easily
> > be doing close to Gige real world capacity.
>
> Yes, but not the worst case capacity you really have to plan for :-(
>

agreed.

> > Have you seen how the big boys advertise? when tuning specs they talk
> > about bits/sec. Juniper just announced a blade at supercom that can do
> > firewalling at 500Mbps.
>
> May be for some, but they *DO* give their pps figures also; many operators
> do, in fact, *explicitly* check the pps figures especially when there are
> some slower-path features in use (ACL's, IPv6, multicast, RPF, etc.):
> that's much more important than the optimal figures which are great for
> advertising material and press releases :-).
>

The announce in question i saw in some post supercom2003. I kept looking
for conditions that apply to get that 500mbops but couldnt find any.
A lot of people fall for the big brand name, so granted some people will
check, quiet a few dont have that expertise and will buy because iut reads
"juniper".

cheers,
jamal

<Prev in Thread] Current Thread [Next in Thread>