[j-nsp] EX switches and TCAM utilisation
Charlie Allom
charlie at playlouder.com
Wed May 18 19:46:32 EDT 2011
On Wed, May 18, 2011 at 12:42:22PM -0500, Richard A Steenbergen <ras at e-gerbil.net> wrote:
> On Wed, May 18, 2011 at 05:10:54PM +0100, William J Hulley wrote:
> > Hi,
> >
> > I'm using some EX3200s running 10.0S6.1 and developing a configuration
> > using filter based forwarding to policy route traffic between routing
> > instances.
> >
> > It's all working fine in the lab but I'm concerned about the potential
> > growth of the firewall policy and utilisation of the TCAM in
> > production and would obviously like to model the usage and monitor it.
> >
> > Are there any known supported/un-supported ways of getting useful
> > stats out of the box beyond just relying on syslog messages saying
> > there isn't enough cam?
>
> Drop into the fpc shell from root, like so:
>
> RE:0% vty fpc0
Wow Richard,
that is amazing info.
What version of JunOS was that from? on 10.0S I sadly only get these columns:
Number of rules as Egress PCL: 59335
59335 Egress PCL rules
Page_id Entry_id Instance fw_id Rule Rule-Index
--------------------------------------------------------------------------
32 0 2 3735928559 ospf-neighbours.8.ext.0 64
32 2 2 3735928559 ospf-neighbours.8.ext.1 65
33 0 2 3735928559 ospf-neighbours.8.ext.2 66
...
1687 2 2 3735928559 puppet_dashboard.44.ext.8 3375
1691 0 2 3735928559 deny-all.44.ext.0 3382
So it's hard to tell when the tcam is full.
C.
--
+442077294797
http://mediaserviceprovider.com/
More information about the juniper-nsp
mailing list