10GE router resource
Andy Dills
andy at xecu.net
Wed Mar 26 04:50:15 UTC 2008
On Tue, 25 Mar 2008, Aaron Glenn wrote:
>
> On Tue, Mar 25, 2008 at 6:15 PM, Patrick Clochesy <patrick at chegg.com> wrote:
> > Very interesting study I had not seen, and a bummer. That really puts a
> > cramp in my advocation of our CARP+pf load balancers/firewalls/gateways.
> > Than again, what's a PIX box capable of?
>
> I'd rather tweak a whitebox than pay through the nose for a PIX.
>
> > I also had to switch to OpenBSD as there was a fatal crash with the bridge
> > device in FreeBSD when used with my paticular OpenVPN/CARP/pf combination.
> >
> > AFAIK pf/forwarding only takes place on one core and wouldn't take advantage
> > of the other 3 cores, correct?
>
> Correct. There has been some great speed and efficiency improvements
> in pf and other networking parts of OpenBSD; though from anecdotal
> evidence, 10GbE is not ready for 'primetime' (for certain definitions
> of 'primetime').
Anybody who does any sort of home-brew routing NEEDS to read this post:
http://lists.freebsd.org/pipermail/freebsd-current/2008-January/082469.html
Quote:
---
Forwarding (routing between multiple interfaces) and filtering
(ipfw) IIRC with quad Intel e1000 NIC:
Dual Intel Xeon 2.8GHz: 240Kpps 12k L1 cache
Single Intel Xeon 2.8GHz: 380Kpps 12k L1 cache
Core 2 Duo 1.8Ghz: 420kpps 12k L1 cache
Single Pentium-M 1.8GHz: 550Kpps 32k L1 cache
Dual AMD opteron 2GHz: 890Kpps 64k L1 cache
Single AMD opteron 2GHz: 970Kpps 64k L1 cache
All these hosts had 255 vlan interfaces with about 3000 routes and
about 30000 firewall rules, with a good spread of packets between
the interfaces with polling and fastforwarding. I struggled to
generate enough packets to load the AMD routers.
---
Quite interesting data, no? Especially when you can now get 3GHz opterons
with 128k of L1 cache?
How sweet is a sub-$1k router that can do multiple gig-e's at 1.5mpps?
Sounds like a dynamite platform for high-end datacenter CPEs that are soft
on dynamic routing...and even the open-source dynamic routing is
reasonably solid these days...
Andy
---
Andy Dills
Xecunet, Inc.
www.xecu.net
301-682-9972
---
More information about the NANOG
mailing list