[j-nsp] netflow v9 on a Juniper MX

[Richard A Steenbergen]

On Tue, Mar 09, 2010 at 05:01:19PM +0100, Sean Clarke wrote:
> I'm telling you what it's doing.. I'm not saying it's impossible in 
> theory on the RE.
> 
> It's just Juniper don't do it, probably to stop people breaking stuff, 
> i.e. protocol handling.
> If you want that to change why not talk to your sales team

Somebody is smoking some serious crack if they claimed v9 can't be
supported in CPU. Yes the templates and extra fields might mean you have
to move a pointer around a few more times and write a few extra bytes of
data, but this is all absurdly trivial stuff for a CPU to do even a few
thousand times a second. Think about it this way, if the flow protocol 
was really significantly more heavy weight you'd have a much harder time 
processing the results on the collector side too.

To put it into perspective, you're burning FAR more cpu and memory in
wasted overhead copying data for your entire routing table between the
rpd and sampled processes just to populate that "asn" field with either
the neighbor or origin value. I've asked for a knob to turn that off
(since I don't care about that data and it would save ~100MB of ram) for
years and nobody cared (though perhaps rightfully so, because it's a
pretty small amount of cpu/memory and a non-issue on a modern RE). Hell
my chassisd process burns WAY more cpu time than my sampled. :)

  PID USERNAME  THR PRI NICE   SIZE    RES STATE    TIME   WCPU COMMAND
 1164 root        1  97    0 34740K 18552K select 179.0H  5.32% chassisd
 1879 root        1 111   15   120M   120M RUN    951:29  0.05% sampled

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)