[e-nsp] Extreme Networks Summit1iTx L3 switch delays ICMP traffic routed through the switch or addressed to the switch
Mikael Abrahamsson
swmike at swm.pp.se
Mon Sep 1 10:23:04 EDT 2014
On Mon, 1 Sep 2014, Martin T wrote:
> Thanks for all the information! So in case the utilization of tBGTask
> process is less than 90%, all the other IP traffic should suffer as
> well?
No. By default ICMP is slow-pathed, everything else is fast-pathed. ICMP
can be made fast-pathed on some incarnations i-chipset platforms by
issuing "disable icmp access-lists". They re-spun the forwardig ASICs back
in 2004-2005 or so to enable this feature, as the inferno chipset in the
original design punted all ICMP to CPU, they introduced a system-wide flag
to disable this behavior. Since the ASIC doesn't have the capability to
inspect ICMP in fast-path, when you change this flag, you no longer can
ACL ICMP at all.
If you're running i-chipset devices as routers and have a decent amount of
flows, I also recommend to "enable ip-subnet lookup" feature. A masksize
of /20 or so is a balanced approach for Internet use. This helps to not
deplete the ipfdb and also speeds of convergence after a re-route.
> For some odd reason I didn't observe this. Based on my
> tests(hping and custom-made script utilizing bash UDP and TCP
> sockets), only the RTT of ICMP traffic increased while RTT for example
> for UDP or TCP traffic did not change at the time when CPU utilization
> of tBGTask was <90%.
That is default behavior.
--
Mikael Abrahamsson email: swmike at swm.pp.se
More information about the extreme-nsp
mailing list