RE: CIsco 7206VXR w/NPE-G1 Question
Keep in mind, 72xx is still flow-based, so you need to count *both* shared fabric capacity (aka PCI buses) and capacity of NPE to establish flows (aka pps rate).
Why do you say it is flow-based? You *do* use CEF, don't you? In which case 7200 with NPE-G1 is a prefix-based architecture, with software forwarding.
NPE-G1 might probably route 3*GE, without any services and if all 3GE are in a single flow, but will melt down at a face of one-packet-per-flow DDoS (read: "Nachi" worm) at a far lower rate (I'd be surprised if it sustains 200kpps DDoS traffic, which can be as low as 150Mbit bandwidth).
It's the pps that counts, not whether it is one packet per flow or many. We actually tested NPE-G1 a bit today with small (64 byte) packets, and we reached considerably higher pps numbers. Steinar Haug, Nethelp consulting, sthaug@nethelp.no
Keep in mind, 72xx is still flow-based, so you need to count *both* shared fabric capacity (aka PCI buses) and capacity of NPE to establish flows (aka pps rate).
Why do you say it is flow-based? You *do* use CEF, don't you? In which case 7200 with NPE-G1 is a prefix-based architecture, with software forwarding. Thanks for correction, yes, you are right, of course, that was a 'thinko'.
To those watching on sideline: flow-based means router's performance is based on number of flows established, and first packet of each 'flow' is processed differently [slower] from all other within the flow, and things like nachi will kill it.
NPE-G1 might probably route 3*GE, without any services and if all 3GE are in a single flow, but will melt down at a face of one-packet-per-flow DDoS (read: "Nachi" worm) at a far lower rate (I'd be surprised if it sustains 200kpps DDoS traffic, which can be as low as 150Mbit bandwidth).
It's the pps that counts, not whether it is one packet per flow or many. We actually tested NPE-G1 a bit today with small (64 byte) packets, and we reached considerably higher pps numbers. I'm curious, what pps did you manage to get?
-alex
participants (2)
-
alex@pilosoft.com
-
sthaug@nethelp.no