[j-nsp] traffic drops to 8 Gb/s when a firewall filter is applied
Matjaž Straus Istenič
juniper at arnes.si
Fri Dec 9 10:09:41 EST 2011
Hi list,
we've tested the throughput of a 10G interface on a DPCE 4x10GE R running in MX960. We've loaded the interface with almost 10 Gb/s of traffic in both directions and it work fine with no loss until an output filter was activated on the interface. Then the traffic dropped to 8 Gb/s flat.
A filter that caused that could be as simple as a single accept term. Input filter doesn't have any impact, only output filter does.
Only one logical interface was involved in the tests. Traffic flows in and out through the same interface.
We have a JTAC case opened on this (since september 2011). Latest news from them: we tested this on 1 gig interface and it works fine (!?). Nice, it might work on 100 meg also ;-).
Has anybody on the list run into something similar (not talking about the support, but the effect of the outbound firewall filter on a 10 GE interface ;-))?
Kind regards,
Matjaž
---
Matjaž Straus Istenič, Arnes
http://www.arnes.si
Tel: +386 1 4798-877
Fax: +386 1 4798-878
matjaz.straus at arnes.si
MS6745-RIPE
PGP 490F3B4F 2009-10-21
Fingerprint = 6172 7BF8 B0B7 1F09 47B3 AFA3 0946 1701 490F 3B4F
More information about the juniper-nsp
mailing list