Everyone pointed out really good notes here as well but as far as I know and this may have changed recently but if you do the 10Gbps / smallest possible packet size you'll crush the CPU before it ever gets anywhere near the disks.
I was trying to figure out a way to use iptables to do simple firewalling at full line rate 10Gbps and it ate a bowl of fail big time (and that was without any disk/io capturing). I'm assuming perhaps newer PCI Express version 3 10G NICs will be released that may be able to get you over that hump but for now it's really tricky to do this on a single box. Which is why vendors charge $50k for those ASIC based capturing boxes =) Thanks, -Drew -----Original Message----- From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Phil Bedard Sent: Monday, January 09, 2012 2:13 PM To: OBrien, Will Cc: J NSP Subject: Re: [j-nsp] Whitebox 10Gb/s capture challenge How much traffic is actually on the boxes? A full 10G or some fraction? Are they in the same datacenter? There are muxing boxes from onpath,apcon, anue, net optics, etc. which might let you get away with less actual capture devices. Keep in mind some of those solutions are fairly expensive themselves... Phil On Jan 9, 2012,s at 11:05 AM, "OBrien, Will" <obri...@missouri.edu> wrote: > I'm pondering the idea of trying to build a relatively inexpensive 10Gb > capture box. > The simple solution is a dell R710 with 10Gb nics. I have some, they work, > but I'd have to spend $50k to get enough of them. > > So, my challenge is keeping the price point is something around $1000-$1500 - > basically the 10Gb version of a 1u gigE capture system. > > In general, I probably don't need to ever write 10Gb/s to disk, but it would > be nice load the dice for success. > My thoughts are a reasonable performance motherboard with 10Gb PCIe nics or a > white box mobo with onboard SFP+ ports. > > Anyone gone this route? > > > Will O'Brien > University of Missouri, DoIT DNPS > Network Systems Analyst - Redacted > > obri...@missouri.edu > > > > > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
