nanog mailing list archives
Re: Software router state of the art
From: "Kevin Oberman" <oberman () es net>
Date: Wed, 23 Jul 2008 12:59:52 -0700
> Date: Wed, 23 Jul 2008 14:17:53 -0400
> From: "William Herrin" <herrin-nanog () dirtside com>
>
> On Wed, Jul 23, 2008 at 2:03 PM, Naveen Nathan <naveen () lastninja net> wrote:
> > > The Endace DAG cards claim they can move 7 gbps over a PCI-X bus from
> > > the NIC to main DRAM. They claim a full 10gbps on a PCIE bus.
> >
> > I wonder, has anyone heard of this used for IDS? I've been looking at
> > building a commodity SNORT solution, and wondering if a powerful network
> > card will help, or would the bottleneck be in processing the packets and
> > overhead from the OS?
>
> The first bottleneck is the interrupts from the NIC. With a generic
> Intel NIC under Linux, you start to lose a non-trivial number of
> packets around 700mbps of "normal" traffic because it can't service
> the interrupts quickly enough.

Most modern high performance network cards support MSI (Message Signaled Interrupts), which generate real interrupts only on an intelligent basis, and only at a controlled rate. Windows, Solaris and FreeBSD have support for MSI and I think Linux does, too. It requires both hardware and software support.

With MSI, TSO, LRO, and PCI-E with hardware that supports these, 9.5 Gbps TCP flows between systems are possible with minimal tuning. That puts the bottleneck back on the forwarding software in the CPU to do the forwarding at high rates.

-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman () es net Phone: +1 510 486-8634
Key fingerprint: 059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751