[c-nsp] cisco 3560 layer3 performance

Mark Kent mark at noc.mainstreet.net
Tue Jan 22 00:48:43 EST 2008 

a)
>> So this is a layer 2 switching vs layer 3 switching performance
>> issue. 

Yes (not that I'ld expect them to be comparable, although the 4948
does amazingly well in this regard).

>> Are you running any policies or QOS on either switch? ACLs or
>> anything other than a vanilla routing/switching setup?

Pure vanilla.   Fresh out of the box, no time to accumulate
any baggage.

b) 
>> What IOS version are you running?

c3560-ipbase-mz.122-35.SE5

c) 
> It can do ACL and L3 at line rate - unless you have a logging ACL, or
> exceeded the TCAM in some way. You should never see it use real CPU
> unless you're doing something that isn't supported in hardware. Try a
> "show platform tcam utilization".

No ACL.   Nine connected routes (only one generating traffic),
one static route (default), no routing protocols, 68 mac addresses

#show platform tcam util

CAM Utilization for ASIC# 0                      Max            Used
                                             Masks/Values    Masks/values

 Unicast mac addresses:                        784/6272         19/86    
 IPv4 IGMP groups + multicast routes:          144/1152          6/26    
 IPv4 unicast directly-connected routes:       784/6272         19/86    
 IPv4 unicast indirectly-connected routes:     272/2176         15/76    
 IPv4 policy based routing aces:                 0/0             0/0     
 IPv4 qos aces:                                528/528          18/18    
 IPv4 security aces:                          1024/1024         27/27    

Switch   Ports  Model              SW Version              SW Image            
------   -----  -----              ----------              ----------          
*    1   52     WS-C3560G-48TS     12.2(35)SE5             C3560-IPBASE-M      

Basic configs:

Layer 2 box:

 interface GigabitEthernet0/1
  switchport access vlan 201
 !
 interface GigabitEthernet0/48
  switchport trunk encapsulation dot1q
  switchport mode trunk
  logging event trunk-status

Server plugged into port 0/1 has default route of 192.0.2.1

Layer 3 box, with high cpu load:

 interface GigabitEthernet0/1
  no switchport
  ip address 10.10.10.57 255.255.255.254
 !
 interface GigabitEthernet0/48
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 201
  switchport mode trunk
 !
 interface Vlan201
  ip address 192.0.2.1 255.255.255.192
  no ip proxy-arp
 !
 ip route 0.0.0.0 0.0.0.0 10.10.10.56


Weird thing is, vlan201 shows 0 input/output.

Vlan201 is up, line protocol is up 
  30 second input rate 0 bits/sec, 0 packets/sec
  30 second output rate 1000 bits/sec, 1 packets/sec

but:

Vlan201
          Switching path    Pkts In   Chars In   Pkts Out  Chars Out
               Processor      33574    4490938   10677629 10262551834
             Route cache         26       1980         42      32196
                   Total      33600    4492918   10677671 10262584030

Thanks,
-mark

More information about the cisco-nsp mailing list