Daniel W. McRobb <dwm@ans.net> wrote:
1-2 million is not much. Even in the NSFNET days, I worked w/ 5-million-cell net matrices. All it takes is memory and some CPU.
1-2 _simultaneoulsy_, not over period of time. The 1-hr matrix would be two orders of magnitude bigger.
A typical 1 hour matrix is considerably smaller. Even a core router who carries 40,000 routes will not see anywhere near 40,000 * 40,000 cells in a one hour period, or even 2 million cells. Not in my experience. Even the NAP and MAE routers where I've collected this data have seen net matrices only on the order of (10^3) to (10^5) for a one hour period.
That's _host address_ matrix, not network address matrix. It is at least three orders of magnitude bigger. Another datum -- the hot spot on route cache on ICM's routers from hell is about 40% on networks addresses.
The number of cell entries is not equal to the number of routes squared. It doesn't happen.
No, nobody said that. That's why my figures are in 100M range, not 2000000 bil which is the size of "full host matrix".
Even if your router is expiring 20,000 flows per second, it only comes out to about 667 packets per second to the workstation, which is pretty low even for older workstations with fairly weak CPUs by modern standards. An Alpha can handle it w/o even breaking a sweat.
20k flows per second? You must be kidding. The average flow length (as derived from Sean's stats) is 20 packets. I.e. 20 kfps is what you get from a single OC-3 working at the wire speed. --vadim