[c-nsp] netflow feature-acceleration and CSCsa81379

[Gert Doering]

Hi,

"curiosity kills the cat" (or so, but then, it has 9 lives...)

I just noticed that 12.2(25)S4 is out, and the ONLY change it has compared
to 12.2(25)S3 - at least per the release notes - is CSCsa81379:

  "NetFlow Feature Acceleration has been deprecated and removed from Cisco 
   IOS. The global command ip flow-cache feature-accelerate will no longer 
   be recognized in any IOS configuration. "

this is "interesting", to say the least - a 12.2S rebuild, only to 
*remove* a feature that's obscure enough that nobody I know is using 
it - well, that is, besides us.

We are using it, because it helped at some point in the past to make
"ip accounting" more robust against worm outbreaks.  Normal "ip accounting"
causes enormous CPU loads when there are "hard" portscans, bad enough that
BGP sessions break due to missed keepalives, etc. - and with netflow
feature-acceleration, we've never seen these problems again.  But maybe
the general "ip accounting" infrastructure was improved, to avoid having
to do process switching for table insertions... [1]

Anyone with some background information?

gert


[1] Yes, I *know* I should change over to netflow accounting.  Working 
on it, but completely rebuilding an ISP accounting infrastructure without
breaking it (and losing money in the progress) is *tough*.

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de