scaling linux-based router hardware recommendations

• Previous message (by thread): scaling linux-based router hardware recommendations
• Next message (by thread): scaling linux-based router hardware recommendations
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello!

You could try to build simple router with DPDK yourself. It's very
straightforward and have good examples for simple routing.

I have done some tests with PF_RING ZC (it's very similar technology
to DPDK without specialization on building of network devices) while
test my DDoS monitoring solution and it work perfectly. I can achieve
8 million of packets per second (10GE with 120byte packets) on very
slow Intel Xeon E5 2420.

You could look at this tests from PF_RING developers:
http://www.ntop.org/pf_ring/pf_ring-dna-rfc-2544-benchmark/

But building router on top of PF_RING or DPDK is very challenging task
because everyone want very different things (BGP, OSPF, RIP... etc.).

On Tue, Jan 27, 2015 at 1:54 PM, Paul S. <contact at winterei.se> wrote:
> Anyone aware of any dpdk enabled solutions in the software routing space
> that doesn't cost an arm and a leg?
>
> vMX certainly does.
>
>
> On 1/27/2015 午後 04:33, Pavel Odintsov wrote:
>>
>> Hello!
>>
>> Looks like somebody want to build Linux soft router!) Nice idea for
>> routing 10-30 GBps. I route about 5+ Gbps in Xeon E5-2620v2 with 4
>> 10GE cards Intel 82599 and Debian Wheezy 3.2 (but it's really terrible
>> kernel, everyone should use modern kernels since 3.16 because "buggy
>> linux route cache"). My current processor load on server is about:
>> 15%, thus I can route about 15 GE on my Linux server.
>>
>> Surely, you should deploy backup server too if master server fails.
>>
>> On Tue, Jan 27, 2015 at 1:53 AM, micah anderson <micah at riseup.net> wrote:
>>>
>>> Hi,
>>>
>>> I know that specially programmed ASICs on dedicated hardware like Cisco,
>>> Juniper, etc. are going to always outperform a general purpose server
>>> running gnu/linux, *bsd... but I find the idea of trying to use
>>> proprietary, NSA-backdoored devices difficult to accept, especially when
>>> I don't have the budget for it.
>>>
>>> I've noticed that even with a relatively modern system (supermicro with
>>> a 4 core 1265LV2 CPU, with a 9MB cache, Intel E1G44HTBLK Server
>>> adapters, and 16gig of ram, you still tend to get high percentage of
>>> time working on softirqs on all the CPUs when pps reaches somewhere
>>> around 60-70k, and the traffic approaching 600-900mbit/sec (during a
>>> DDoS, such hardware cannot typically cope).
>>>
>>> It seems like finding hardware more optimized for very high packet per
>>> second counts would be a good thing to do. I just have no idea what is
>>> out there that could meet these goals. I'm unsure if faster CPUs, or
>>> more CPUs is really the problem, or networking cards, or just plain old
>>> fashioned tuning.
>>>
>>> Any ideas or suggestions would be welcome!
>>> micah
>>>
>>
>>
>



-- 
Sincerely yours, Pavel Odintsov

• Previous message (by thread): scaling linux-based router hardware recommendations
• Next message (by thread): scaling linux-based router hardware recommendations
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]