First, I don't have much experience with QoS - this is to comment on the
hardware and bridge.

For hardware I would stay away from Intel at the moment.  We have two systems
presently that are dual Opteron, Dual-core systems:

Dual Core AMD Opteron(tm) Processor 275
2199.995 MHz
L2 1024 KB

NIC: SysKonnect SK-9E22 (dual-port gig, PCI Express)

Using Ixia to test throughput, the box can L2 bridge 980Mbps all day long and
you would never know it was doing it.  Adding additional endpoints gets us to
1900Mbps bridging - again, no perceptible load on the system.  Ixia reports
average latency of .081 at 980 and .1xx at the 1900 level.  MTU doesn't matter
for the bridging part -- but MTU of 9000 for PF_RING is required for the
below statement.

Using Snort, PF_RING can monitor 1600-1800Mbps, with no packet loss, for the 
record :) And I have numbers to prove it!

As for bridge stability and 2.6 kernel - my company has been shipping this
solution since about this time last year with no problems at all.  Deployed
units number very high and no field issues whatsoever.

-brad

>   Hi all,
> 
>   I write to this list as it's full of networking / QoS experts.
> 
>   A client asked if it was possible to replace a very expensive QoS
> appliance with a Linux box to make QoS and NetFlow on a big network. 
> Sustained traffic is around 400Mbps and they need around 1000 QoS classes.
> 
>   Some thoughts on this:
> 
>   1) Of course we will purchase the fastest box we can find around, dual
> xeon and such.
> 
>   2) As the system runs as a bridge we are kind of scared to use 2.6
> kernel as it seems quite unstable in that mode.
> 
>   3) Instead of using standard QoS classification (linear) we were
> thinking about using classify target in the firewall and use some
> more complex tree. That way, we still have all those classes but
> are not read linearly but some logic is applied in the tree.
> 
>   4) As this box ideally would include a netflow probe (nprobe 4), we were
> thinking about using pf_ring kernel patch. Any experience in the list using
> this patch with a system that is both a probe and QoS? Of course, we would
> like to purchase ncap for this :)
> 
>   5) We were thinking about using hipac, but we don't know if it supports
> classify target, do you know if it does?
> 
>   Any ideas will be REALLY appreciated.
> 
>   Thanks in advance. Regards.
> 
> -- 
> Jaime Nebrera - [EMAIL PROTECTED]
> Consultor TI - ENEO Tecnologia SL
> Telf.- 619 04 55 18
> 
> _______________________________________________
> Ntop-misc mailing list
> [email protected]
> http://listgateway.unipi.it/mailman/listinfo/ntop-misc
> 

-- 
Brad Doctor, CISSP