Software router state of the art
eugen at imacandi.net
Mon Jul 28 21:14:12 UTC 2008
Rubens Kuhl Jr. wrote:
> You can use Linux without conntrack. You can either do "rmmod
> ip_conntrack" (unload the module), rm /var/lib/modules/ip_conntrack
> (or something like that to erase the file) or use the RAW queue to
> forward some packets without connection tracking (-j NOTRACK) and some
> others with conntrack (proxy redirection, captive portal and things
> like that require stateful forwarding in any platform).
> I would be more worried about the prefix match and route cache done by
> the operating system you are considering for use as a router. That
> cannot be circumvented by turning off conntrack, pf or anything that
> might do more with the packet than plain simple routing.
As of 2.6.x kernel version (at least on 2.6.17) there is a FIB
implementation called LC_Trie which supposedly does an O(1) route lookup
which is very fast.
Where I live there are a lot of Linux boxes deployed as routers pushing
line rate GE for computer networks of hundreds to thousands of nodes while
also delivering QoS for each and every node.
From what I see in this thread you're more worried about T3/E3
linecards than the actual Linux performance as a router.
As a personal example, I use a Celeron 2.53GHz with 512Mb of RAM to push
line rate 3 x 100Mbps cards without any discernible load reported either
by top or uptime and that on top of Quagga with about ~ 5k prefixes.
Also, as an experiment I loaded a full routing table from one of my
peers and besides the increased RAM usage by Quagga to about 50MB the
machine forwarded at the same rate, _maybe_ 1% increased load.