[c-nsp] GSR Engine 0 and Engine 1 Limitations - Loose RPF and NetFlow
Jared Mauch
jared at puck.nether.net
Tue Jun 27 20:00:03 EDT 2006
On Tue, Jun 27, 2006 at 06:54:26PM -0500, Adam Kujawski wrote:
> I would like to enable loose unicast RPF on an Engine 0 line card, but
> am not sure what kind of performance hit to expect (if any). I think
> the ASIC-based line cards can handle RPF checks w/o a problem, but not
> sure about the older cards.
For engine0, expect roughly a 50% decrease in performance,
or only being able to attain 50% of line-rate. This is fine if you
are not using all the ports on the card possibly. This requires
intelligent engineering and part of my "know your hardware" mantra :)
I do encourage the use of at least the loose rpf and the strict
RPF whenever possible (ie: if you're operating an enterprise network,
there is no reason you should not enable the strict RPF
facing your firewall/DMZ lan).
> Also, I would like to start using sampled NetFlow on an engine 1 line
> card. Has anybody looked at the performance impact of a 1/1000
> sampling rate on an Engine 1 line card?
(don't know here, sorry)
- jared
--
Jared Mauch | pgp key available via finger from jared at puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
More information about the cisco-nsp
mailing list