[nsp] SAA really a true measure?

jeff.marsh at shaw.ca jeff.marsh at shaw.ca
Fri Jun 13 14:20:59 EDT 2003 

Thanks Paul!  That document was really helpful.  Unfortunately though it pretty much shows that SAA without the responder is probably only useful to provide a relative baseline and running SAA responder seems a little too risky under IOS versions where the exploit documented in: 

http://www.cisco.com/warp/public/707/cisco-sa-20030515-saa.shtml#software

hasn't been patched.  

\|/ JRM \|/

----- Original Message -----
From: Paul Kohler <pkohler at cisco.com>
Date: Friday, June 13, 2003 12:38 pm
Subject: Re: [nsp] SAA really a true measure?

> inline
> 
> At 10:08 AM 6/13/2003, jeff.marsh at shaw.ca wrote:
> > >From the "Re: [nsp] intermitten ping lags on 7500/rsp4/256M" 
> discussion, 
> > Dmitri Kalintsev wrote:
> >
> > > ...but, at much closer look, quite useless. ;) Routers are there
> > > to *route*
> > > packets, not to reply to ICMP queries. That is why ICMP processing
> > > is given
> > > such a low priority (and not only by Cisco).
> > >
> > > If somebody needs to measure their network characteristics 
> *so* badly,
> > > there's always Cisco SAA which seems to be part of almost
> > > everything Cisco
> > > has nowdays that runs IOS (no, I didn't look at fn, because I'm
> > > stubborn and
> > > lazy).
> >
> >But does SAA really provide a true measure - with what type of 
> priority do 
> >the routers respond to SAA queries? - obviously if SAA is used 
> with only 
> >ICMP (ie without using the SAA responder) the measurements are 
> going to be 
> >pretty much useless because of the low priority on ICMP processing...
> 
> to factor our the majority of the processing time on your source 
> and 
> destination devices run SAA UDP Jitter or UDP Echo operations. As 
> mentioned 
> you need to enable "rtr responder" on the destination device. If 
> the 
> destination device is not a Cisco box then use UDP Echo and at 
> least you'll 
> have the majority of the source processing time factored out. 
> There's a 
> paper on this at
> http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/sanpo_wp.htm
> 
> Paul
> 
> 
> >\|/ JRM \|/
> >
> >_______________________________________________
> >cisco-nsp mailing list  cisco-nsp at puck.nether.net
> >http://puck.nether.net/mailman/listinfo/cisco-nsp
> >archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
>

More information about the cisco-nsp mailing list