[109966] in North American Network Operators' Group
Re: Gigabit Linux Routers
daemon@ATHENA.MIT.EDU (Florian Weimer)
Thu Dec 18 07:07:17 2008
To: Eugeniu Patrascu <eugen@imacandi.net>
From: Florian Weimer <fweimer@bfk.de>
Date: Thu, 18 Dec 2008 13:07:03 +0100
In-Reply-To: <49492C14.2010000@imacandi.net> (Eugeniu Patrascu's message of
"Wed, 17 Dec 2008 18:43:00 +0200")
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
* Eugeniu Patrascu:
>> Do you know if it's possible to switch of the route cache? Based on
>> my past experience, it was a major source of routing performance
>> dependency on traffic patterns (it's basically flow-based forwarding).
>
> I don't understand your question.
Flow-based routing does not deal well with certain traffic patterns
(high HTTP or DNS load, or DoS attacks).
> In kernel, when you compile it, you have two options:
> - hash based route algorithm
> - lc-trie based route algorithm
>
> From what I've read on the internet about the latter algorithm, it's
> supposed to be faster regarding route lookups with large routing
> tables (like a global routing table).
In the past, Linux used flow routing. First, an ordinary hash table
(the dst cache, also called route cache) is looked up using the
destination address of the packet (and a few other bits). In case of
a hit, the information is used. In case of a miss, a FIB lookup
(using the hash algorithm or LC-trie) is performed, and the result is
stored in the cache and used.
If there are more flows than cache entries, the work to update the
cache (and expire old records from it) is wasted. But under more
benign conditions, the cache is a win.
> In that configuration you'll split available bandwidth on the NIC and
> also have less throughput because server NICs are not optimized for
> "same interface switching".
If this is a problem, I can use multiple trunk ports or multiple
routers.
--=20
Florian Weimer <fweimer@bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstra=DFe 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
