I am doing performance testing on a 7513 using VIP2-50s with PA-POS-OC3
cards (8 all together). dCEF enabled, with 65000 flows running through it
for a total of 600Mbps aggregate (70kpps with .1% loss). The CPU on the RSP
is fine (0%). The VIPs are all at 99% doing RSB. The problem is this:
1) There isn't enough MEMD on RSP4 to switch packets agressively between
VIPs, and
2) There isn't enough CyBUS bandwidth to do so either.
What I am about to do is load up some RSP8s and rerun my test, as the 64MB
of MEMD should help with the RSB drop issue. My question is this:
Does RSP8 add 'bandwidth' to the CyBUS or do we need VIP4-80s to get 4Gbps
(I seem to remember something about a CzBUS)? I want to see how far the
7513 can go.
Anyway, the important point to remember is that true distributed switching
on the RSP platforms only occurs between PA's in the same VIP (unlike the
GSR). InterVIP switching requires the RSP to manage access to MEMD between
VIPs (hence the high amount of RSB drops when the load is high).
regards,
./chris
> .siva
>
> >
> > Hi!
> >
> > just the command I've been looking for for last week but
> forgot to follow it
> > up
> > (though there is a slight error on the document,
> > the command is only available on privilege-exec mode).
> >
> > the "if-con" command is not listed int the 7513 help. I need it
> > to check our VIP2-50's CPU and memory. I'm still looking
> for possible
> > caveats if any.
> > Found one only for 12.0T for possible router reload if the
> "show line"
> > command is issued.
> >
> > I'm reviewing the performance of our 7500 series routers
> equipped with VIPs
> > (VIP2-50 128MB). I want to know how to check various
> features. I have CEF
> > globally configured on the core routers and Netflow on
> selected interfaces
> > on the edge. Can someone please give recommendations on
> what switching modes
> > to use based on actual experience? Any caveats/advice on using "ip
> > route-cache distributed" along with flow switching on
> various port adapter
> > cards? How about dCEF? I read the case of VIP-distributed
> Fast Switching
> > which should not be used simultaneously with dCEF.
> >
> > thanks in advance.
> >
> > tito
> >
> >
> > > ----------
> > > From: Rob Thomas[SMTP:robt@cymru.com]
> > > Sent: Monday, May 28, 2001 4:10 AM
> > > To: Cisco List
> > > Subject: [nsp] Monitoring DoS attacks with the VIP Console
> > >
> > > Hello, cisco-nsp folks.
> > >
> > > I have recently authored a paper entitled "Monitoring DoS
> Attacks with
> > > the VIP Console and NetFlow." This paper details a
> method for tracking
> > > DoS attacks at a fine layer of granularity. Utilizing
> both NetFlow and
> > > an undocumented VIP command on a Cisco router, a DoS attack can be
> > > closely monitored and analyzed. You will find the paper
> at the following
> > > URL:
> > >
> > > http://www.cymru.com/~robt/Docs/Articles/dos-and-vip.html
> > >
> > > Please note that this document makes use of an UNDOCUMENTED and
> > > UNSUPPORTED
> > > Cisco IOS command. While I have successfully used the
> methods documented
> > > therein during heavy DoS and DDoS attacks, your mileage may vary.
> > >
> >
>
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:39 EDT