[j-nsp] A low number of Firewall filters reducing the bandwidth capacity.
Saku Ytti
saku at ytti.fi
Wed Sep 11 02:21:13 EDT 2024
On Tue, 10 Sept 2024 at 22:57, Timur Maryin via juniper-nsp
<juniper-nsp at puck.nether.net> wrote:
> EA utilization monitoring might not be straightforward on a first look
> But we have internal tools(script) which print data in nicely manner.
> JTAC may be able to share that.
It does have a single command to report global NPU load as percentage,
which is a gross simplification but useful. Like you can see that as
you keep piling IPv6 EH, global load approaches 100%, until eventually
the stack is too deep, and packet gets dropped outright, and global
load plummets. Usually people operating these think it's binary,
either it works or it doesn't, but as it is run-to-completion,
everything adds up, which is why we always get unsatisfying answers
from vendors to our scaling questions, no one really knows, it's too
complicated.
More in depth requires checking what ucode instructions PPEs are
running, how long are they spending on them etc, but this is more
after you already have unexpectedly high global NPU load, and you want
to figure out why and how to address.
--
++ytti
More information about the juniper-nsp
mailing list