nanog mailing list archives
Re: Software router state of the art
From: Eugeniu Patrascu <eugen () imacandi net>
Date: Tue, 29 Jul 2008 00:14:12 +0300
Rubens Kuhl Jr. wrote:
You can use Linux without conntrack. You can either do "rmmod ip_conntrack" (unload the module), rm /var/lib/modules/ip_conntrack (or something like that to erase the file) or use the RAW queue to forward some packets without connection tracking (-j NOTRACK) and some others with conntrack (proxy redirection, captive portal and thinks like that requires stateful forwarding in any platform). I would be more worried about the prefix match and route cache done by the operating system you are considering for use as a router. That cannot be circunverted by turning off conntrack, pf or anything that might do more with the packet that plain simple routing.
Hi,As of 2.6.x kernel version (at least on 2.6.17) there is a FIB implementation called LC_Trie which supposedly does an O(1) route lookup which is very fast. Where I live there are a lot of linux boxes deployed as routers pushing line rate GE for hundreds to thousand nodes computer networks while also deliverying QoS for each and every node. From what I see in this thread you're more worried about T3/E3 linecards than the actual Linux performance as a router.
As a personal example, I use a celeron 2.53Ghz with 512Mb of ram to push line rate 3 x 100Mbps cards wihout any discernable load reported either by top or uptime and that on top of Quagga with about ~ 5k prefixes. Also, as an experiment I loaded a full routing table from one of my peers and besides of the increased RAM usage by Quagga to about 50MB the machine forwarded at the same rate, _maybe_ 1% incresed load.
Current thread:
- Re: Software router state of the art, (continued)
- Re: Software router state of the art Colin Alston (Jul 26)
- Re: Software router state of the art Adrian Chadd (Jul 26)
- Re: Software router state of the art Dorn Hetzel (Jul 26)
- Re: Software router state of the art William Herrin (Jul 26)
- Re: Software router state of the art Florian Weimer (Jul 26)
- Re: Software router state of the art Tony Finch (Jul 27)
- Re: Software router state of the art Joe Greco (Jul 26)
- Re: Software router state of the art Sargun Dhillon (Jul 28)
- Re: Software router state of the art Joe Greco (Jul 28)
- Re: Software router state of the art Rubens Kuhl Jr. (Jul 28)
- Re: Software router state of the art Eugeniu Patrascu (Jul 28)
- Re: Software router state of the art Seth Mattinen (Jul 28)
- RE: Software router state of the art michael.dillon (Jul 28)
- Re: Software router state of the art Justin Sharp (Jul 28)
- Re: Software router state of the art Andrew D Kirch (Jul 28)
- Re: Software router state of the art Charles Wyble (Jul 28)
- Re: Software router state of the art David E. Smith (Jul 29)
- Re: Software router state of the art Seth Mattinen (Jul 28)
- Re: Software router state of the art Charles Wyble (Jul 28)
- Re: Software router state of the art Joe Greco (Jul 28)
- Message not available
- Re: Software router state of the art Seth Mattinen (Jul 28)