Software router state of the art

Joe Greco jgreco at
Mon Jul 28 16:07:46 UTC 2008

> This is not exactly true. The modern Linux kernel (2.6) uses some amount 
> of flow tracking in order to do route caching. You can check this out on 
> your system by:
> "ip route show cache"


# ip route show cache
ip: Command not found.

So I guess that's all well and good for me.

> It keeps track of Src/Dst/QoS/Ethernet adapters/etc.. Additionally most 
> systems have the iptables modules loaded in kernel and the conntrack 
> module in kernel. This immediately activates connection tracking, 
> therefore considerably slowing down software routing. The most optimal 
> way of speeding this up would be sticking the route cache into somewhat 
> faster memory. Though it would be fairly nice to get rid of the route 
> cache as that can cause problems with eccentric setups. Also, as cache
> entries take a moment to be deleted, or degrade leading to convergence 
> times being higher.

Note .. to .. self ..  Linux .. makes .. crappy .. router.  Got it.

Guess we'll continue to use FreeBSD, and the lesson to come away with
is that it probably pays to avoid technologies that are suboptimal 
for the task at hand.  Not everything is created equal.  It also pays
to tune things.  If "conntrack" hurts, then remove it.

With the emergence of computers with many cores, it will be very
interesting to see how this develops.

... JG
Joe Greco - Network Services - Milwaukee, WI -
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam (CNN)
With 24 million small businesses in the US alone, that's way too many apples.
