nanog mailing list archives

Re: NPE-G2 vs. Sup720-3BXL


From: Adam Armstrong <lists () memetic org>
Date: Thu, 21 May 2009 09:55:45 +0100

Julio Arruda wrote:
Steve Dalberg wrote:
2009/5/18 Adam Armstrong <lists () memetic org>:
David Storandt wrote:
We're stuck in an engineering pickle, so some experience from this
crew would be useful in tie-breaking...

We operate a business-grade FTTx ISP with ~75 customers and 800Mbps of
Internet traffic, currently using 6509/Sup2s for core routing and port
aggregation. The MSFC2s are under stress from 3x full route feeds,
pared down to 85% to fit the TCAM tables. One system has a FlexWAN
with an OC3 card and it's crushing the CPU on the MSFC2. System tuning
(stable IOS and esp. disabling SPD) helped a lot but still doesn't
have the power to pull through. Hardware upgrades are needed...

We need true full routes and more CPU horsepower for crunching BGP
(+12 smaller peers + ISIS). OC3 interfaces are going to be mandatory,
one each at two locations. Oh yeah, we're still a larger startup
without endless pockets. Power, rack space, and SmartNet are not
concerns at any location (on-site cold spares). We may need an
upstream OC12 in the future but that's a ways out and not a concern
here.

Our engineering team has settled on three $20k/node options:
- Sup720-3BXLs with PS and fan upgrades
- Sup2s as switches + ISIS + statics and no BGP, push BGP edge routing
off to NPE-G2s across a 2-3Gbps port-channel
- Sup2s as switches + ISIS + statics and no BGP, push BGP edge routing
off to a 12008 with E3 engines across a 2-3Gbps port-channel.

Have a look at the ASR1002 + ESP5/10G

Stable for BGP+ISIS as far as our experience goes.

adam.



ASR1002 + ESP5 was great for OSPF + BGP. 450M+ of traffic for me at
peak (proc at 1-2%)


Any experience in how much more resilient is the ASR compared with 7600/6500, DDoS-wise :-) ?
And compared with NPE-G2 ?
And in terms of CoPP and etc ?

The ASR's Quantum Flow processors scale quite unpredictably depending upon features, apparently, so it's difficult to say.

I'm expecting 5-7Gbps on the ESP10 with my usage (no complex features in use, just forwarding and Netflow), though I've little data to base that on. (ESP on one device currently reports 2-3% usage at ~200Mbit). It'll handle a DDoS much, much, much better than a 7201/NPE-G1, but much, much, much worse than a 65/7500 (even without DFCs).

We use several ASRs with one at each entry point to the network (each transit provider / peering exchange) to spread potential DDoS across a lot of processors; that approach is working well for us at the moment.

Our only real issue is that the Netflow implementation on the ASRs seems to be a little 'sensitive' to configuration changes and sometimes just stops exporting flows.

adam.




