CIsco 7206VXR w/NPE-G1 Question

alex at pilosoft.com alex at pilosoft.com
Fri Jan 30 17:17:56 UTC 2004


> > Keep in mind, 72xx is still flow-based, so you need to count *both*
> > shared fabric capacity (aka PCI buses) and capacity of NPE to
> > establish flows (aka pps rate).
> 
> Why do you say it is flow-based? You *do* use CEF, don't you? In which
> case 7200 with NPE-G1 is a prefix-based architecture, with software
> forwarding.
Thanks for correction, yes, you are right, of course, that was a 'thinko'.

To those watching on sideline: 

flow-based means router's performance is based on number of flows
established, and first packet of each 'flow' is processed differently
[slower] from all other within the flow, and things like nachi will kill
it.


> > NPE-G1 might probably route 3*GE, without any services and if all 3GE are 
> > in a single flow, but will melt down at a face of one-packet-per-flow DDoS 
> > (read: "Nachi" worm) at a far lower rate (I'd be surprised if it sustains 
> > 200kpps DDoS traffic, which can be as low as 150Mbit bandwidth). 
> 
> It's the pps that counts, not whether it is one packet per flow or many.
> We actually tested NPE-G1 a bit today with small (64 byte) packets, and
> we reached considerably higher pps numbers.
I'm curious, what pps did you manage to get?

-alex




More information about the NANOG mailing list