Sean Figgins wrote:
Just curious, do most vendors' hardware need to hit the cpu when doing policy-based routing?
As far as I know, the hardware that you are likely using from the major company in the bay area is going to put all PBR traffic through the CPU.
not quite true ... for router platforms, in most cases PBR doesn't alter the 'path' of processing. PBR is available within CEF/fast paths & processing doesn't "drop out" of that processing path unless some of the more esoteric 'policy' options are used. this doesn't mean that PBR comes "for free" - but with careful planning it doesn't have to result in excessive CPU overhead either. for many switch platforms, PBR remain in a h/w-switched path & essentially does come for 'free' (no impact on speed, no requirement to fallback to a s/w-based path). the price here is that not all 'policies' are necessarily available in the h/w-switching path. i can provide more details off-list if you wish but i doubt folks want this to be a foobar-nsp list.. cheers, lincoln.