[106439] in North American Network Operators' Group
Re: Software router state of the art
daemon@ATHENA.MIT.EDU (Eugeniu Patrascu)
Mon Jul 28 17:14:33 2008
Date: Tue, 29 Jul 2008 00:14:12 +0300
From: Eugeniu Patrascu <eugen@imacandi.net>
To: "Rubens Kuhl Jr." <rubensk@gmail.com>
In-Reply-To: <6bb5f5b10807281300i92da7em45f8cf7691e184eb@mail.gmail.com>
Cc: NANOG list <nanog@nanog.org>, Joe Greco <jgreco@ns.sol.net>
Errors-To: nanog-bounces@nanog.org
Rubens Kuhl Jr. wrote:
> You can use Linux without conntrack. You can either do "rmmod
> ip_conntrack" (unload the module), rm /var/lib/modules/ip_conntrack
> (or something like that to erase the file) or use the RAW queue to
> forward some packets without connection tracking (-j NOTRACK) and some
> others with conntrack (proxy redirection, captive portal and thinks
> like that requires stateful forwarding in any platform).
>
> I would be more worried about the prefix match and route cache done by
> the operating system you are considering for use as a router. That
> cannot be circunverted by turning off conntrack, pf or anything that
> might do more with the packet that plain simple routing.
>
Hi,
As of 2.6.x kernel version (at least on 2.6.17) there is a FIB
implementation called LC_Trie which supposedly does an O(1) route lookup
which is very fast.
Where I live there are a lot of linux boxes deployed as routers pushing
line rate GE for hundreds to thousand nodes computer networks while also
deliverying QoS for each and every node.
From what I see in this thread you're more worried about T3/E3
linecards than the actual Linux performance as a router.
As a personal example, I use a celeron 2.53Ghz with 512Mb of ram to push
line rate 3 x 100Mbps cards wihout any discernable load reported either
by top or uptime and that on top of Quagga with about ~ 5k prefixes.
Also, as an experiment I loaded a full routing table from one of my
peers and besides of the increased RAM usage by Quagga to about 50MB the
machine forwarded at the same rate, _maybe_ 1% incresed load.
