Mx204 alternative

Mon Sep 2 14:48:21 UTC 2019

On 2019-09-02 17:16, Saku Ytti wrote:
> On Mon, 2 Sep 2019 at 16:26, Denys Fedoryshchenko
> <nuclearcat at nuclearcat.com> wrote:
> 
>> or some QFX, for example, Broadcom Tomahawk 32x100G switches only do
>> line-rate with >= 250B packets according to datasheets.
> 
> Only is peculiar term here. 100Gbps is 148Mpps, give or take 100PPM,
> at 250B it's still some 50Mpps. Times 32 that's 1600Mpps, or 1.6Gpps.
> Only implies it's modest compared to some other solution, what is that
> solution? XEON doing ~nothing (not proper lookup even) is some couple
> hundred Mpps, far cry from 1.6Gpps with ACL, QoS and L3 lookup.
> I don't care about wire rate on chip with lot of ports, because
> statistics. 250B average size on 32x100GE on a chip is fine to me.
> 250B average size on 32x100GE with 32 chips, would be horrifying.
> 
> I'm not saying XEON does not have application, I'm just saying XEON is
> bps and pps expensive chip compared to almost anything out there,
> however there are some application with very deep touch where it is
> marketable.
> Btw. technically Tomahawk and Trio are very different, Trio has tens
> or hundreds of cores executing software, cores happen to have domain
> specific instruction set, but still software box with lot of cores.
> Tomahawk is pipeline box, having domain specific hardware and largely
> not running a software (but all pipelines today are somewhat
> programmable anyhow). On Trio you are mostly just time limited on what
> you can do, on Tomahawk you have physical hardware restrictions on
> what you can do.
Of course, they are much stronger (and cheaper in $/bps or $/pps) when 
it comes to L2/L3 lookup, basic stateless filters, simple QoS.
But can Trio perform stateful firewall filtering for millions of flows+ 
lot of mpps that Xeon easily handle? Thats the case of recent DDoS 
attacks.