From: Jamal Hadi <hadi@shell.cyberus.ca>
To: CIT/Paul <xerox@foonet.net>
Cc: 'Simon Kirby' <sim@netnation.com>,
'Florian Weimer' <fw@deneb.enyo.de>,
netdev@oss.sgi.com, linux-net@vger.kernel.org
Subject: RE: Route cache performance under stress
Date: Sun, 8 Jun 2003 23:15:46 -0400 (EDT) [thread overview]
Message-ID: <20030608230300.X33412@shell.cyberus.ca> (raw)
In-Reply-To: <001001c32e19$81bc7ea0$4a00000a@badass>
On Sun, 8 Jun 2003, CIT/Paul wrote:
> The problem with the route cache as it stands is that it adds every new
> packet that isn't in the route cache to the cache, say you have
> A denial of service attack going on, OR you just have millions of hosts
> going through the router (if you were an ISP). Anything with seeminly
> Random source ips (something like juno-z.101f.c will generate worst case
> scenario for forwarding packets) will cause the cache to constantly
> Add new entries at pretty much the rate of the attack.. This can stifle
> just about any linux router with a measly 10 megabits/second of traffic
> unless
foo have you tried the latest patches posted recently?
get the latest kernel 2.5.x and try it out.
BTW, i dont think it is true you can die with 10mbps. I was reading
some emails where someone said it was a few 100 pps that will kill the
linux sytem (theory mixed with nonsense;->)
> The router is tuned up to a large degree (NAPI, certain nics, route
> cache timings, etc.) and even then it can still be destroyed no matter
> what
> The cpu is with less than 100,000 packets per second and in mosts cases
> less than 30k..
btw thats waay above 10Mbps.
> That's why it's just no acceptable for companies using
> it as a replacement for say a cisco 7200 VXR series (npe300,400 nsf-1,
> etc.) which can do 300K+ packet per second of routing (and yes it can
> even route juno-z.101f.c at 300kpps, I have tested it). Linux has no
> problem doing 300kpps from a single source to a single destination
> provided you have NAPI or ITR or something limiting the interrupts.. The
> overhead is the route cache and the related systems that use it and also
> netfilter is very slow :/ One of these days they will fix it..... If
> anyone has any ideas or needs a test-bed to try out code on or would
> like me to test some of their code I would be happy to test it on our
> development platforms (single and dual processor with intel e1000
> 82545/6 and above, also e100 and tulip).
>
I think Robert has some numbers with the new patches with similar setups
as you.
Why dont you compare how much the cost of a CISCO npex devices with
Linux PCs with e1000s as well while you are at it ?;->
I am sure there are people who will like to sell you linux devices
at half the cisco prices doing Millions of PPS via hardware assists.
Support these linux supporting companies instead ;->
The more i think about it the more i think CEF is a lame escape from
route caches. What we need is multi-tries at the slow path and
perhaps a binary tree on hash collisions buckets of the dst cache
(instead of a linked list).
You can avoid the packet drive cache generation event by being a little
creative if it gets overwhelming. Fix zebra to resolve each BGP
nexthop fully every periodic time.
In any case who said forwarding by itself was sexy anymore?
cheers,
jamal
> Thanks for your time
>
> P.S. to answer your iteration question.. It does not seem to be such
> overhead on the cpu even if the route-cache is 600,000 in size.. I have
> tested this and while there is a definite increase in cpu it comes
> nothing close to the code that has to add every new arriving packet to
> the list. IMHO the best way to do this would be like CEF w/ adjacency
> lists and not have it add every new packet that comes along
>
> Paul xerox@foonet.net http://www.httpd.net
>
>
> -----Original Message-----
> From: netdev-bounce@oss.sgi.com [mailto:netdev-bounce@oss.sgi.com] On
> Behalf Of Simon Kirby
> Sent: Sunday, June 08, 2003 7:49 PM
> To: Florian Weimer
> Cc: netdev@oss.sgi.com; linux-net@vger.kernel.org
> Subject: Re: Route cache performance under stress
>
>
> On Sun, Jun 08, 2003 at 03:10:25PM +0200, Florian Weimer wrote:
>
> > Further parameters which could be tweaked is the kind of adjacency
> > information (where to store the L2 information, whether to include the
>
> > prefix length in the adjacency record etc.).
>
> What is the problem with the current approach? Does the overhead come
> from having to iterate through the hashes for each prefix?
>
> Simon-
>
> [ Simon Kirby ][ Network Operations ]
> [ sim@netnation.com ][ NetNation Communications Inc. ]
> [ Opinions expressed are not necessarily those of my employer. ]
>
>
>
>
next prev parent reply other threads:[~2003-06-09 3:15 UTC|newest]
Thread overview: 227+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-04-05 16:37 Route cache performance under stress Florian Weimer
2003-04-05 18:17 ` Martin Josefsson
2003-04-05 18:34 ` Willy Tarreau
2003-05-16 22:24 ` Simon Kirby
2003-05-16 23:16 ` Florian Weimer
2003-05-19 19:10 ` Simon Kirby
2003-05-17 2:35 ` David S. Miller
2003-05-17 7:31 ` Florian Weimer
2003-05-17 22:09 ` David S. Miller
2003-05-18 9:21 ` Florian Weimer
2003-05-18 9:31 ` David S. Miller
2003-05-19 17:36 ` Jamal Hadi
2003-05-19 19:18 ` Ralph Doncaster
2003-05-19 22:37 ` Jamal Hadi
2003-05-20 1:10 ` Simon Kirby
2003-05-20 1:14 ` David S. Miller
2003-05-20 1:23 ` Jamal Hadi
2003-05-20 1:24 ` David S. Miller
2003-05-20 2:13 ` Jamal Hadi
2003-05-20 5:01 ` Pekka Savola
2003-05-20 11:47 ` Jamal Hadi
2003-05-20 11:55 ` Pekka Savola
2003-05-20 6:46 ` David S. Miller
2003-05-20 12:04 ` Jamal Hadi
2003-05-21 0:36 ` David S. Miller
2003-05-21 13:03 ` Jamal Hadi
2003-05-23 5:42 ` David S. Miller
2003-05-22 8:40 ` Simon Kirby
2003-05-22 8:58 ` David S. Miller
2003-05-22 10:40 ` David S. Miller
2003-05-22 11:15 ` Martin Josefsson
2003-05-23 1:00 ` David S. Miller
2003-05-23 1:01 ` David S. Miller
2003-05-23 8:21 ` Andi Kleen
2003-05-23 8:22 ` David S. Miller
2003-05-23 9:03 ` Andi Kleen
2003-05-23 9:59 ` David S. Miller
2003-05-24 0:41 ` Andrew Morton
2003-05-26 2:29 ` David S. Miller
2003-05-22 11:44 ` Simon Kirby
2003-05-22 13:03 ` Martin Josefsson
2003-05-23 0:55 ` David S. Miller
2003-05-22 22:33 ` David S. Miller
2003-05-29 20:51 ` Simon Kirby
2003-06-02 10:58 ` Robert Olsson
2003-06-02 15:18 ` Simon Kirby
2003-06-02 16:36 ` Robert Olsson
2003-06-02 18:05 ` Simon Kirby
2003-06-09 17:21 ` David S. Miller
2003-06-09 17:19 ` David S. Miller
2003-05-23 0:59 ` David S. Miller
2003-05-26 7:18 ` Florian Weimer
2003-05-26 7:29 ` David S. Miller
2003-05-26 9:34 ` Florian Weimer
2003-05-27 6:32 ` David S. Miller
2003-06-08 11:39 ` Florian Weimer
2003-06-08 12:05 ` David S. Miller
2003-06-08 13:10 ` Florian Weimer
2003-06-08 23:49 ` Simon Kirby
2003-06-08 23:55 ` CIT/Paul
2003-06-09 3:15 ` Jamal Hadi [this message]
2003-06-09 5:27 ` CIT/Paul
2003-06-09 5:58 ` David S. Miller
2003-06-09 6:28 ` CIT/Paul
2003-06-09 6:28 ` David S. Miller
2003-06-09 16:23 ` Stephen Hemminger
2003-06-09 16:37 ` David S. Miller
2003-06-09 7:13 ` Simon Kirby
2003-06-09 8:10 ` CIT/Paul
2003-06-09 8:27 ` Simon Kirby
2003-06-09 19:38 ` CIT/Paul
2003-06-09 21:30 ` David S. Miller
2003-06-09 22:19 ` Simon Kirby
2003-06-09 22:54 ` Robert Olsson
2003-06-13 6:21 ` David S. Miller
2003-06-13 10:40 ` Robert Olsson
2003-06-15 6:36 ` David S. Miller
2003-06-17 17:03 ` Robert Olsson
2003-06-09 22:56 ` CIT/Paul
2003-06-09 23:05 ` David S. Miller
2003-06-10 13:41 ` Robert Olsson
2003-06-10 0:03 ` Jamal Hadi
2003-06-10 0:32 ` Ralph Doncaster
2003-06-10 1:15 ` Jamal Hadi
2003-06-10 2:45 ` Ralph Doncaster
2003-06-10 3:23 ` Ben Greear
2003-06-10 3:41 ` Ralph Doncaster
2003-06-10 18:10 ` Ralph Doncaster
2003-06-10 18:21 ` Ben Greear
2003-06-10 4:34 ` Simon Kirby
2003-06-10 11:01 ` Jamal Hadi
2003-06-10 11:28 ` Jamal Hadi
2003-06-10 13:18 ` Ralph Doncaster
2003-06-10 16:10 ` David S. Miller
2003-06-10 10:53 ` Jamal Hadi
2003-06-10 11:41 ` chas williams
2003-06-10 16:27 ` David S. Miller
2003-06-10 16:57 ` chas williams
2003-06-10 11:41 ` Pekka Savola
2003-06-10 11:58 ` John S. Denker
2003-06-10 12:12 ` Jamal Hadi
2003-06-10 16:33 ` David S. Miller
2003-06-10 12:07 ` Jamal Hadi
2003-06-10 15:29 ` Ralph Doncaster
2003-06-11 19:48 ` Florian Weimer
2003-06-11 19:40 ` CIT/Paul
2003-06-11 21:09 ` Florian Weimer
2003-06-10 13:10 ` Ralph Doncaster
2003-06-10 13:36 ` Jamal Hadi
2003-06-10 14:03 ` Ralph Doncaster
2003-06-10 16:38 ` David S. Miller
2003-06-10 16:39 ` David S. Miller
2003-06-10 18:41 ` Florian Weimer
2003-06-11 11:47 ` Was (Re: " Jamal Hadi
2003-06-11 18:41 ` Real World Routers 8-) Florian Weimer
2003-06-10 15:53 ` Route cache performance under stress David S. Miller
2003-06-10 16:15 ` 3c59x (was Route cache performance under stress) Bogdan Costescu
2003-06-10 16:20 ` Andi Kleen
2003-06-10 16:23 ` Jeff Garzik
2003-06-10 17:02 ` 3c59x David S. Miller
2003-06-10 17:16 ` 3c59x Jeff Garzik
2003-06-10 17:14 ` 3c59x David S. Miller
2003-06-10 17:25 ` 3c59x Jeff Garzik
2003-06-10 17:30 ` 3c59x David S. Miller
2003-06-10 19:20 ` 3c59x Jeff Garzik
2003-06-10 19:21 ` 3c59x David S. Miller
2003-06-10 17:18 ` 3c59x Andi Kleen
2003-06-10 17:29 ` 3c59x chas williams
2003-06-10 17:31 ` 3c59x David S. Miller
2003-06-10 17:39 ` 3c59x chas williams
2003-06-10 17:43 ` 3c59x David S. Miller
2003-06-11 17:52 ` Route cache performance under stress Robert Olsson
2003-06-10 1:53 ` Simon Kirby
2003-06-10 3:18 ` Ralph Doncaster
2003-06-10 16:06 ` David S. Miller
2003-06-10 15:56 ` David S. Miller
2003-06-10 16:45 ` 3c59x (was Route cache performance under stress) Bogdan Costescu
2003-06-10 16:49 ` Andi Kleen
2003-06-11 9:54 ` Robert Olsson
2003-06-11 10:05 ` Andi Kleen
2003-06-11 10:38 ` Robert Olsson
2003-06-11 12:08 ` Jamal Hadi
2003-06-10 17:12 ` 3c59x David S. Miller
2003-06-10 17:19 ` Route cache performance under stress Ralph Doncaster
2003-06-10 15:49 ` David S. Miller
2003-06-10 17:33 ` Ralph Doncaster
2003-06-10 17:32 ` David S. Miller
2003-06-10 18:34 ` Robert Olsson
2003-06-10 18:57 ` David S. Miller
2003-06-10 19:53 ` Robert Olsson
2003-06-10 21:36 ` CIT/Paul
2003-06-10 21:39 ` Ralph Doncaster
2003-06-10 22:20 ` David S. Miller
2003-06-10 23:58 ` Ralph Doncaster
2003-06-10 23:57 ` David S. Miller
2003-06-11 0:41 ` Ralph Doncaster
2003-06-11 0:58 ` David S. Miller
2003-06-11 0:58 ` David S. Miller
2003-06-11 0:51 ` Ben Greear
2003-06-11 1:01 ` David S. Miller
2003-06-11 1:15 ` Ben Greear
2003-06-11 1:22 ` David S. Miller
2003-06-11 1:51 ` Ben Greear
2003-06-11 3:33 ` David S. Miller
2003-06-11 11:54 ` gettime: Was (Re: " Jamal Hadi
2003-06-11 12:08 ` Andi Kleen
2003-06-12 3:30 ` David S. Miller
2003-06-12 6:32 ` Ben Greear
2003-06-12 8:46 ` David S. Miller
2003-06-11 15:57 ` Ben Greear
2003-06-12 3:29 ` David S. Miller
2003-06-11 1:17 ` Ralph Doncaster
2003-06-11 1:23 ` David S. Miller
2003-06-11 7:28 ` Andi Kleen
2003-06-11 7:25 ` Andi Kleen
2003-06-11 17:40 ` Robert Olsson
2003-06-13 5:38 ` David S. Miller
2003-06-13 10:22 ` Robert Olsson
2003-06-13 17:15 ` Robert Olsson
2003-06-12 6:45 ` David S. Miller
2003-06-12 13:56 ` Robert Olsson
2003-06-12 21:35 ` David S. Miller
2003-06-13 10:50 ` Robert Olsson
2003-06-10 0:56 ` Ralph Doncaster
2003-06-09 11:38 ` Jamal Hadi
2003-06-09 11:55 ` David S. Miller
2003-06-09 12:18 ` Jamal Hadi
2003-06-09 12:32 ` David S. Miller
2003-06-09 13:22 ` Jamal Hadi
2003-06-09 13:22 ` David S. Miller
2003-06-09 8:56 ` David S. Miller
2003-06-09 22:39 ` Robert Olsson
2003-06-09 6:25 ` David S. Miller
2003-06-09 6:59 ` Simon Kirby
2003-06-09 7:03 ` David S. Miller
2003-06-09 13:04 ` Ralph Doncaster
2003-06-09 13:26 ` Jamal Hadi
2003-06-09 5:44 ` David S. Miller
2003-06-09 5:51 ` CIT/Paul
2003-06-09 6:03 ` David S. Miller
2003-06-09 6:52 ` Simon Kirby
2003-06-09 6:56 ` David S. Miller
2003-06-09 7:36 ` Simon Kirby
2003-06-09 8:18 ` Simon Kirby
2003-06-09 8:22 ` David S. Miller
2003-06-09 8:31 ` Simon Kirby
2003-06-09 9:01 ` David S. Miller
2003-06-09 9:47 ` Andi Kleen
2003-06-09 10:03 ` David S. Miller
2003-06-09 10:13 ` Andi Kleen
2003-06-09 10:13 ` David S. Miller
2003-06-09 10:40 ` YOSHIFUJI Hideaki / 吉藤英明
2003-06-09 10:40 ` David S. Miller
2003-06-09 14:14 ` David S. Miller
2003-06-09 6:47 ` Simon Kirby
2003-06-09 6:49 ` David S. Miller
2003-06-09 13:28 ` Ralph Doncaster
2003-06-09 16:30 ` Simon Kirby
2003-06-17 20:58 ` Florian Weimer
2003-06-09 5:38 ` David S. Miller
2003-06-10 3:05 ` Steven Blake
2003-06-12 6:31 ` David S. Miller
2003-06-08 17:58 ` Pekka Savola
2003-05-21 0:09 ` Simon Kirby
2003-05-21 0:13 ` David S. Miller
2003-05-26 9:29 ` Florian Weimer
-- strict thread matches above, loose matches on Subject: below --
2003-04-08 6:14 Scott A Crosby
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20030608230300.X33412@shell.cyberus.ca \
--to=hadi@shell.cyberus.ca \
--cc=fw@deneb.enyo.de \
--cc=linux-net@vger.kernel.org \
--cc=netdev@oss.sgi.com \
--cc=sim@netnation.com \
--cc=xerox@foonet.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.