[c-nsp] Outbound drops on 6748

Sat Jan 28 14:33:02 EST 2012

Is the ACE blade setup as a SLB on a stick, or is it doing bridging? Looks like the ACE is sending bursts faster than the 6748 blade can serialize the output on 1GB Ethernet. What type of traffic is the ACE load balancing? UDP voip/video or just http?

> -----Original Message-----
> From: Dean Smith [mailto:dean at eatworms.org.uk]
> Sent: Saturday, January 28, 2012 2:27 PM
> To: Matthew Huff; cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] Outbound drops on 6748
> 
> Its user web browsing (no multicast) and  the flow is :-
> 
> Clients -> ACE (load Balance)-> 6748 -> Appliance -> 6748 -> 6708 ->
> Upstream Router (10Gb/s ASR) -> Internet
> 
> So yes the traffic arriving on the appliance port is requests from the ACE
> and return traffic from a 10Gb/s ASR port
> 
> Dean
> 
> ----Original Message-----
> From: Matthew Huff [mailto:mhuff at ox.com]
> Sent: 28 January 2012 15:45
> To: 'Dean Smith'; 'cisco-nsp at puck.nether.net'
> Subject: RE: [c-nsp] Outbound drops on 6748
> 
> What is the type of data? Is it bursty? Is the data coming from an bigger
> pipe upstream?
> 
> You are likely hitting microbursts. The traffic levels you state are
> measured over an interval (30 seconds minimum probably). During peak
> activity you can easy overrun the buffers on the 6748 if your upstream data
> is coming from > 1gb and/or multicast. Since the 6748 has the deepest buffer
> of any linecards of the 6500, you might have to look at an Arista or Cisco
> 30xx aggregation switch that can handle the microbursts.
> 
> > -----Original Message-----
> > From: cisco-nsp-bounces at puck.nether.net
> > [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dean Smith
> > Sent: Saturday, January 28, 2012 6:40 AM
> > To: cisco-nsp at puck.nether.net
> > Subject: [c-nsp] Outbound drops on 6748
> >
> > We have some web security appliances connected via 1Gb/s copper  to
> > 6748 Line cards in a Cat 6513 with Sup720. The appliance manufacturer
> > assures us the appliances can cope with traffic well above 800Mb/s
> > (The traffic is always equal in both directions)
> >
> >
> >
> > We have previously seen traffic levels > 500Mb/s for a period without
> > any issue. However more recently we have seen elevated response times
> > to the appliances as the bandwidth approaches 400Mb/s. Investigations
> > show we're seeing outbound drops now as we approach those speeds. We
> > have qos enabled on the chassis but these particular ports have up
> > till now been left at default queue setting. All the traffic is in
> > queue 0 which currently only has 50% of the queues. We have now
> > amended that to 90% but will have to wait until the next peak in traffic
> to judge the impact.
> >
> >
> >
> > However I'm a little unsure why we previously saw no issue @ 500Mb/s
> > but do now @ 400Mb/s. Nothing has changed on the appliances - however
> > we did remove some other redundant 6148A cards to allow the switch to
> > operate in full DFC mode. I don't have outbound errors/drops from
> > before the cards were removed but response times certainly didn't show the
> increase.
> >
> >
> >
> > Is it likely/possible that when operating in CFC mode the chassis/CFC
> > was effectively buffering the packets better before hitting the
> > switchport.but now they're arriving directly via DFC the individual
> > port buffers are struggling ?. If that theory doesn't hold water..any
> other suggestions ?
> >
> >
> >
> > What bi-directional throughput is reasonable to expect from a 6748 port ?
> >
> >
> >
> > (If it makes any difference the chassis build has 1x original ACE,
> > 3xFWSM,
> > 2x6704 ,1x6708 and 2x6748+ 1 xSup720. All the line cards now have DFC
> > 3B (or 3C for 6708) where appropriate)
> >
> >
> >
> > Thanks
> >
> > Dean
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> 