Date: Thu, 19 Sep 1996 12:17:27 -0500 (CDT) From: Joe Greco <jgreco@brasil.moneng.mei.com> To: dennis@etinc.com (Dennis) Cc: hackers@freebsd.org Subject: Re: Routers - hardware received wisdom Message-ID: <199609191717.MAA11212@brasil.moneng.mei.com> In-Reply-To: <199609191556.LAA12631@etinc.com> from "Dennis" at Sep 19, 96 11:56:43 am
next in thread | previous in thread | raw e-mail | index | archive | help
> Joe, with all due respect.... > > It depends on "why" the packets were dropped. With our product, they can > be dropped only if.... > > 1) The recieve process cannot get a buffer > 2) The on-board buffers become overrun. > > Only 2 is a CPU issue, and there is virtually no way the you can get that > situation on > a single T1 unless your machine is off doing something else for long periods of > time...like processing ethernet packets. With 2 byte packets, yes, but not with > IP size packets (44 or more bytes). This is so highly unusual that it > shouldnt be > considered. > > Dennis > > Dennis Dennis^2, With all due respect, squared... the case where the machine is acting as a _router_ is precisely what I am talking about... the case where the CPU is maxxed out, inbound Ethernet packets are being silently ignored because the CPU is maxxed out, and the outbound bandwidth on the T1 is less than saturation. Or vice versa: inbound packets on the T1 interface are getting dropped because the CPU is too busy dealing with the previous packets. Or both conditions simultaneously. You _can_ saturate a 486DX5/133 by routing ping sized packets. I believe your average ping packet is about 100 bytes, including IP header, etc. A T1 is 1.544Mbps, at 8 bit bytes that is about 193,000 bytes/sec. That means the router needs to handle 1930 packets per second. When you consider that that means 1930 _in_ via one interface and _out_ via another, that means 3860 packets per second - assuming the remote site does not respond to your pings. My observations during stress testing have been that at 500 packets per second, the CPU is maybe 85-90% idle. Linearly extrapolating to CPU saturation, I conclude that the CPU should be able to handle 3000-5000 packets per second... however my observed performance indicates that it is not linear and performance falls off at about 50% CPU idle... and 3000 pps is a good number to be able to hit. The number we are contemplating (3860) is in excess of that. Now start considering what happens when the replies for those pings come in. :-) Or what happens when somebody starts shooting zillions of small packets at you in a denial of service attack. Think it can't/won't happen? Think of what would happen to you if somebody started pounding on www.etinc.com with a "small packet" attack from a DS3 connected site. What can you do? You _must_ receive the packets, or you _must_ go off line. This may not be such a concern to a small business, but an ISP who has paying customers... such an attack could be deadly. I am not saying it is typical or it is even a major concern, but people need to know what the _worst_ case scenario is in order to make intelligent decisions. I have seen the same router we are discussing saturate a T1 at 96% idle (ok it was fluctuating in the low 90's and that was the peak) with a large number of FTP transfers. There is _NO DOUBT_ in my mind that this is great. For what it's worth, I have seen or heard stories of other folks with "T1" capable hardware that gets swamped with much lower levels of packet traffic than this. I firmly believe that this is one of the best soln's available to anyone building a router. However, _there_ _are_ _limits_ to what you can expect out of the system. That is my point. I am NOT saying your product is flawed. It is not. ... JG
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199609191717.MAA11212>