[177557] in North American Network Operators' Group
Re: scaling linux-based router hardware recommendations
daemon@ATHENA.MIT.EDU (Paul S.)
Tue Jan 27 05:54:59 2015
X-Original-To: nanog@nanog.org
Date: Tue, 27 Jan 2015 19:54:49 +0900
From: "Paul S." <contact@winterei.se>
To: nanog@nanog.org
In-Reply-To: <CALgsdbc_SK-fUrbvGcSfze4QcyAV4ssGL6knmAqfxgt+NNvU-w@mail.gmail.com>
Errors-To: nanog-bounces@nanog.org
Anyone aware of any dpdk enabled solutions in the software routing space
that doesn't cost an arm and a leg?
vMX certainly does.
On 1/27/2015 午後 04:33, Pavel Odintsov wrote:
> Hello!
>
> Looks like somebody want to build Linux soft router!) Nice idea for
> routing 10-30 GBps. I route about 5+ Gbps in Xeon E5-2620v2 with 4
> 10GE cards Intel 82599 and Debian Wheezy 3.2 (but it's really terrible
> kernel, everyone should use modern kernels since 3.16 because "buggy
> linux route cache"). My current processor load on server is about:
> 15%, thus I can route about 15 GE on my Linux server.
>
> Surely, you should deploy backup server too if master server fails.
>
> On Tue, Jan 27, 2015 at 1:53 AM, micah anderson <micah@riseup.net> wrote:
>> Hi,
>>
>> I know that specially programmed ASICs on dedicated hardware like Cisco,
>> Juniper, etc. are going to always outperform a general purpose server
>> running gnu/linux, *bsd... but I find the idea of trying to use
>> proprietary, NSA-backdoored devices difficult to accept, especially when
>> I don't have the budget for it.
>>
>> I've noticed that even with a relatively modern system (supermicro with
>> a 4 core 1265LV2 CPU, with a 9MB cache, Intel E1G44HTBLK Server
>> adapters, and 16gig of ram, you still tend to get high percentage of
>> time working on softirqs on all the CPUs when pps reaches somewhere
>> around 60-70k, and the traffic approaching 600-900mbit/sec (during a
>> DDoS, such hardware cannot typically cope).
>>
>> It seems like finding hardware more optimized for very high packet per
>> second counts would be a good thing to do. I just have no idea what is
>> out there that could meet these goals. I'm unsure if faster CPUs, or
>> more CPUs is really the problem, or networking cards, or just plain old
>> fashioned tuning.
>>
>> Any ideas or suggestions would be welcome!
>> micah
>>
>
>
