[j-nsp] uRPF - Performance
Rubens Kuhl Jr.
rubens at email.com
Wed Jun 25 00:02:33 EDT 2003
There is a performance drop from 40Mpps to 12.5Mpps when use anything other
than standard plain routing... if you have a firewall-filter configured, it
already has such a penalty in place.Although it's 125 times your peak
traffic flow, you should consider the peak traffic that a DoS attack can
generate on the router, not your usual traffic. Even than, it's very
unlikely that usual configurations of M-5, M-10 and M-20 interfaces can sum
up to that amount.
Rubens
----- Original Message -----
From: <Jack.W.Parks at alltel.com>
To: <juniper-nsp at puck.nether.net>
Sent: Monday, June 23, 2003 2:25 PM
Subject: [j-nsp] uRPF - Performance
| We are looking to enable uRPF on our M-series routers (M20's and below).
| The benefits of enabling this feature are obvious, but the unknown side
| effects are what I'm concerned about. What performance impact could I
| expect by enabling uRPF at a peak traffic flow of 100k pps/600Mbps?
|
| Has anyone enabled uRPF on their network and do you have any lessoned
| learned? I would like to iron out the quirks prior to deployment.
|
| Jack W. Parks IV
| Sr. Network Engineer
| ALLTEL Communications
| jack.w.parks at alltel.com
| Work: 501-905-5961
| Cell: 501-680-3341
|
| _______________________________________________
| juniper-nsp mailing list juniper-nsp at puck.nether.net
| http://puck.nether.net/mailman/listinfo/juniper-nsp
|
|
More information about the juniper-nsp
mailing list