[c-nsp] full routing table / provider-class chassis

Kevin Loch kloch at kl.net
Thu Jun 11 12:40:50 EDT 2009


Jo Rhett wrote:
> I've been trying to spec Cisco for an upgrade of our Force10 backbone 
> for nearly 2 months now.  I'm just trying to clarify which platform 
> Cisco recommends for full routing table/hardware 
> forwarding/provider-class environments.
> 
> Unfortunately every time I get through to the supposed right group, I 
> mention our requirements and Cisco never follows up.  It's almost like 
> they realize they have nothing on Juniper and they don't even bother.  
> They are about to be eliminated from the choices for lack of having an 
> answer.
> 
> Until they decide to care, is there anyone on here willing to propose a 
> basic platform for provider-class environment?  By which I mean
> 
> * Full IPv4 & v6 routing table  (Cisco has 760k v4/260k v6 I know with 
> SUP720/3CXL)
> * ASIC-based line-rate forwarding (SUP720-3CXL and DFC-3CXL on each line 
> card, right?)
> * 196 ports copper 10/100/1000
> * 40 ports SFP 1g  (on two line cards, not one)
> * 96+ BGP peers, 8-10 full routing table peers
> 
> Unfortunately, Cisco's partners are useless.  They propose 6509s without 
> the DFCs, which we know will fall over.  

Well that depends...

The DFCs only do next-hop (tcam) lookups and netflow.  All packets are
switched on the centralized PFC.  Each line card has two 20Gbit/s
fabric channels (2x 40Gbit/s full duplex) to the PFC.  The PFC also has
tcam for lookups and netflow to service any cards that do not have
a DFC.

The PFC is rated at something like 30Mpps so if you are doing less
than that and you don't need the extra netflow tcam you don't
need any DFCs and can still theoretically do 640Gbit/s (320Gbit/s
for those of us who have highly unbalanced traffic flows).

Netflow is subsampled on this platform.  I have been able to get
pretty good estimates of traffic flow (checked against SNMP counters)
but I would not use that for any kind of accounting.  The
SNMP counters are fairly noisy due to the several second update
intervals.  SNMP counters on vlans are even worse and loop
over after a few gbit/s even though the counters themselves
are 64-bit.  You may find using smaller switches (like 3560)
for most customer ports and using 10Gig uplinks is better
than using copper ports on the 6500/7600.

I would avoid the sup720; the rsp720 has 2x the ram and more
than 2x the cpu power.  cpu on the sup720 is by far its biggest
limitation.



> And as I understand it, the 
> 6509 even with the 3CXL cards can't handle 5 full peers, never mind 96 
> total peers.   Most people suggest the 7600 platform, but at least two 
> comments on the mailing list indicate it isn't much better.
> 
> What are people using today for this kind of environment?  Does it work?
> 


