RE: CIsco 7206VXR w/NPE-G1 Question
Luke Starrett wrote (quoting me): > > PXF is found in the 7400 (old) and 7300 (newer) series. > > Not true. 7401 has a PXF. It's essentially an NSE-1 with GE/IO in a > pizza box. 7301 is based on the NPE-G1 and doesn't have a PXF anywhere > in sight. OK, more precisely (I did refer to the release notes of 12.2(20)S in my previous email) the 7304 is a PXF platform when using a NSE-100. The 7304 can be used with either a NPE-G100 (stated as 1M PPS, 3xGE) or NSE-100 (stated as 3.5M PPS by PXF, 450k PPS non-PXF, 2xGE). Of the PXF platforms: NSE-1 263MHz RM7000"100MHz PXF" NSE-100350MHz RM7000"3.5M PPS PXF" 7401ASR375MHz RM7000"PXF based on NSE-1" The NSE-100 is a faster version of the NSE-1, and probably faster than the 7401ASR. Not clear if all the PXF based performance is equal or not between the three platforms; the 7401ASRs describe their PXF as "tmc type TMC ASIC revision 2". David.
RE: CIsco 7206VXR w/NPE-G1 Question
> > PXF is found in the 7400 (old) and 7300 (newer) series. > > Not true. 7401 has a PXF. It's essentially an NSE-1 with GE/IO in a > pizza box. 7301 is based on the NPE-G1 and doesn't have a PXF anywhere > in sight. On the other hand, the (original) 7304 used PXFs, on the NSE-100 forwarding engine. Cisco later introduced the NPE-G100 for the 7304 with a much more powerful CPU, but no PXF. Steinar Haug, Nethelp consulting, [EMAIL PROTECTED]
RE: CIsco 7206VXR w/NPE-G1 Question
> On Fri, Jan 30, 2004 at 03:29:41PM -0200, Rubens Kuhl Jr. wrote: > > > * The 7206VXR prior to the NPE-G1 could only do around 560Mbps > > > per bus typically, due to PCI limitations. > > > > Which usually was not a problem with i-mix traffic or ddos-traffic, > > because pps limitation would hit sooner. > > > > > * Compiled ACLs on 12.2S perform very well on NPE-G1s. > > > > I saw no mention of PXF on NPE-G1; it seemed the path 7200 > would take > > after NSE-1. What happened ? > PXF is found in the 7400 (old) and 7300 (newer) series. Not true. 7401 has a PXF. It's essentially an NSE-1 with GE/IO in a pizza box. 7301 is based on the NPE-G1 and doesn't have a PXF anywhere in sight. > The 7400 was extremely unstable until very recently (with > 12.2(14)S5 it is quite stable, as long as you have the > hardware with the fixed L3 cache or have the L3 cache > disabled), which is perhaps why PXF was not pushed so heavily > after that experience. > > I have not used a 7300. If you want to look at what features > they are pushing into PXF on them, look at the 12.2(20)S > release notes. After the pain of being an early adopter of > the 7400 I'm staying well away from the 7300 until I see > others using them without stability issues. > > 7400 is closely related to the NPE400 (actually NSE-1), 7300 > is closely related to the NPE-G1. > > David. >
RE: CIsco 7206VXR w/NPE-G1 Question
>> Michel Py wrote: >> That would be where the NPE-G1 would be better than an RSP8; > [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Isn't it somewhat wrong to compare the NPE-G1 to any RSP > since most of the packets, most of the time, are handled > by the processors on the VIPs and never bother the RSP In general, yes indeed. However, you have to place it in the same context as I did, quoted below: >>> [EMAIL PROTECTED] wrote: >>> flow-based means router's performance is based on number >>> of flows established, and first packet of each 'flow' is >>> processed differently [slower] from all other within the >>> flow, and things like nachi will kill it. >> Michel Py wrote: >> That would be where the NPE-G1 would be better than an RSP8; In this very case, where a large part of the traffic is a shitload of new flows, dCEF is irrelevant and the NPE-G1 has indeed an advantage over any RSP because it has a 700Mhz processor and the RSP16 is 400Mhz and the RSP8 250Mhz. Of course, this assumes that you are actually doing flow-based routing, which I don't see being that common among ISPs. > If you take a 7500 as far as you can (RSP16, VIP6-80s), > then how does it compare to a 7206VXR/NPE-G1? Ah that's an interesting academic question, and although I will take a shot at it, 1. The question is vague. 2. #include 3. Can't really be answered without testing it. 4. Even when actually testing it with real traffic, your mileage may vary as the traffic patterns being used can indeed greatly the results. That being said, here's my take at it: We have on one side 7206VXR with NPE-G1 and 6x PA-POS-OC3 (or similar) And on the other: 7507MX with RSP16, 3x VIP6-80, 6x PA-POS-OC3 (or similar), 2x GEIP [ this setup is flawed in the first place, as the GEIP is based on the VIP2-50; the correct setup should be: 7507MX with RSP16, 4x VIP6-80, 6x PA-POS-OC3 (or similar), 2x PA-GE. Unfortunately, the VIP6-80 does not support the PA-GE :-( ] On each router: two of the GigE are connected to tier-1 transit, and the DS3s to either big customer or remote pop. I call this a draw. On one hand, if the traffic between the two GigE is not well balanced, the 7507 has a problem with the throughput of the GEIP. On the other hand, the NPE-G1 has a 700 Mhz CPU, but has to deal with all of the following: - two GigE - six PAs - BGP and flows where the 7507 has: - 2x 200Mhz VIP2-50 for the GigE - 3x 400Mhz VIP6-80 for the PAs - 1x 400Mhz RSP16 for BGP and flows My take is: in some situations, the 7507 will be better and in some others the 7206 will be better. The weak point of the 7507 setup is the GEIP, the weak point of the 7206 is that is has only one CPU. Now, _if_ in the 7507 you could replace 2x GEIP with 1x VIP6-80 + 2x PA-GE, I would give a clear advantage to the 7507 setup. In any case, a 7600 will beat the crap out of any 7200. Michel.
RE: CIsco 7206VXR w/NPE-G1 Question
At 03:51 AM 31/01/2004, [EMAIL PROTECTED] wrote: Keep in mind, 72xx is still flow-based 72xx NPE-xxx is NOT flow-based -- unless you explicitly configure it to be. (i.e. disable CEF, enable flow switching). CEF is prefix-based switching - where all possible prefixes (routes/RIB) are already programmed into the forwarding table (FIB). anything not programmed into the FIB doesn't exist in the RIB, ergo there is no route therefore is dropped. i believe the words you're looking for is "NPE-xxx is SOFTWARE-based forwarding". this part is true enough - but a NPE-G1 has far more cpu cycles to switch/route than previous NPE-400/300/225/200/150 et al. software-based forwarding isn't so bad -- it means that platforms such as the 7200 typically have lots of features. this is different to the NSE-xxx which is part software-based forwarding and part PXE-based forwarding. the exact features accelerated by PXE varies depending what code release is used. your said: flow-based means router's performance is based on number of flows established, and first packet of each 'flow' is processed differently [slower] from all other within the flow, and things like nachi will kill it. no, this isn't true. (at ieast, it isn't unless you explicitly configure it that way). for a service-provider, you wouldn't want to use it in any forwarding mode other than CEF, unless there is very good reason to. to provide you with a summary of forwarding paths and their uses: CEF switching: prefix-based pre-populated FIB dCEF switching: distributed version of CEF - typically each linecard has its own FIB and therefore switching decisions are distributed per linecard Fast switching: destination-based demand switching. a 'route cache' exists of destinations to be forwarded to. the first packet to a destination is "process switched", which installs the route-cache entry. subsequent packets are switched in the "fast" (aka interrupt) path. Process switching: all packets received (at interrupt level) are queued for process-level to route. then there's Flow Switching, whose definition has changed over time: Flow Switching: a variation on Fast-switching, but where a flow-entry is created based on a 5-tuple (srcip/dstip/proto/srcport/dstport/TOS). first packet is process- switched, which installs the flow entry, subsequent packets are switched at interrupt level now, Flow Switching has changed over time. you can enable both CEF+Flow and Flow simply becomes an accounting method that is useful for netflow - but you continue to have packets switched using CEF. as to the exact level of forwarding used for each packet, that varies -- if you enable a feature that isn't in the CEF path, then the packet is switched using the next-lower-layer that supports the 'feature'. for service-provider type environments, there aren't too many features necessary for /most/ deployments that aren't already covered in CEF on 7200, so you're mostly ok there. this is just a brief description of how a 72xx works - and there are many permutations and differences between different platforms and boxes. if you want the full rundown, Phil Harris normally gives a "Router Architecture" presentation at every Networkers i've ever attended, and it covers all this and more. cheers, lincoln. disclosure: my other email address is [EMAIL PROTECTED], but i work in Fibre Channel not IP these days.
Re: CIsco 7206VXR w/NPE-G1 Question
On Fri, Jan 30, 2004 at 03:29:41PM -0200, Rubens Kuhl Jr. wrote: > > * The 7206VXR prior to the NPE-G1 could only do around 560Mbps > > per bus typically, due to PCI limitations. > > Which usually was not a problem with i-mix traffic or ddos-traffic, because > pps limitation would hit sooner. > > > * Compiled ACLs on 12.2S perform very well on NPE-G1s. > > I saw no mention of PXF on NPE-G1; it seemed the path 7200 would take after > NSE-1. What happened ? PXF is found in the 7400 (old) and 7300 (newer) series. The 7400 was extremely unstable until very recently (with 12.2(14)S5 it is quite stable, as long as you have the hardware with the fixed L3 cache or have the L3 cache disabled), which is perhaps why PXF was not pushed so heavily after that experience. I have not used a 7300. If you want to look at what features they are pushing into PXF on them, look at the 12.2(20)S release notes. After the pain of being an early adopter of the 7400 I'm staying well away from the 7300 until I see others using them without stability issues. 7400 is closely related to the NPE400 (actually NSE-1), 7300 is closely related to the NPE-G1. David.
Re: CIsco 7206VXR w/NPE-G1 Question
> No. While I was at my former employer, we took our edge > ACL into the Juniper POC lab, and verified that an M40 > stuffed full of OC48 linecards could sustain just over > 85% of line rate with our edge ACL applied before sustaining > packet loss; the POC lab engineers double checked and > verified that there was nothing wrong with the test, that > was simply the most the IPII processors could handle with > that particularly hairy ACL. Was that in the limits of the FPC ? It seems it does, just checking out. Was this a test with smallest possible packets ? Do you remember aggregate pps being routed ? It seems you could hit some of the real IP2 pps limits with ACLs, which is definitively not 40 Mpps. In one test I saw it hitted top at 12.5 Mpps, but it may be due to hitting FPC limits. Other people tests showed something in the 20-25 Mpps range. Rubens
Re: CIsco 7206VXR w/NPE-G1 Question
> > ... > That is of course, as opposed to Juniper, which is truly line-rate at any > interface, with any services, at any composition of traffic. No. While I was at my former employer, we took our edge ACL into the Juniper POC lab, and verified that an M40 stuffed full of OC48 linecards could sustain just over 85% of line rate with our edge ACL applied before sustaining packet loss; the POC lab engineers double checked and verified that there was nothing wrong with the test, that was simply the most the IPII processors could handle with that particularly hairy ACL. There's no such thing as a perfect router--there will always be conditions under which any given device has suboptimal (read "sub-line-rate") performance. The trick is establishing what traffic patterns show up in *your* network, and purchase the appropriate hardware for _your_ traffic patterns. > -alex Matt
Re: CIsco 7206VXR w/NPE-G1 Question
Once upon a time, [EMAIL PROTECTED] <[EMAIL PROTECTED]> said: > Cisco plainly admits that the GEIP tops out at around 400mbit/s, but it's > based on the rather old VIP2-50. Anyone know if they plan to put out a > more capable GEIP, perhaps based on the VIP6-80, which theoretically would > double the GEIP's throughput? I don't know how much more capable it is, but the GEIP+ is based on the VIP4. -- Chris Adams <[EMAIL PROTECTED]> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.
RE: CIsco 7206VXR w/NPE-G1 Question
On Fri, 30 Jan 2004, Michel Py wrote: > That would be where the NPE-G1 would be better than an RSP8; however Isn't it somewhat wrong to compare the NPE-G1 to any RSP since most of the packets, most of the time, are handled by the processors on the VIPs and never bother the RSP other than flowing through its SRAM? Or at least a comparison should be NPE-G1 vs some combination of RSP and VIPs. If you take a 7500 as far as you can (RSP16, VIP6-80s), then how does it compare to a 7206VXR/NPE-G1? Cisco plainly admits that the GEIP tops out at around 400mbit/s, but it's based on the rather old VIP2-50. Anyone know if they plan to put out a more capable GEIP, perhaps based on the VIP6-80, which theoretically would double the GEIP's throughput? -- Jon Lewis [EMAIL PROTECTED]| I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
RE: CIsco 7206VXR w/NPE-G1 Question
> [EMAIL PROTECTED] wrote: > flow-based means router's performance is based on number > of flows established, and first packet of each 'flow' is > processed differently [slower] from all other within the > flow, and things like nachi will kill it. That would be where the NPE-G1 would be better than an RSP8; however what I don't like is when you rely on the internal switching of the NPE-G1 you end up creating a 1-slot router with the PAs then becoming substandard additions. I understand that money is an issue, but the original question was about backbone use and I would rather go with a 7603 or a 7606 instead of a 7206VXR. Michel.
RE: CIsco 7206VXR w/NPE-G1 Question
The Juniper software is great, very stable under testing (for 2 weeks in the lab). But as with all routers there are pro's and con's and it also has some issues. What is unfortunate is that the poster runs (by their own admission) neither Cisco or Juniper in their network and yet make unfounded claims about the performance of the Juniper under any conditions. Clearly this will never be true as the cost of developing such a box would be prohibitive and the delivery timescales far too long. I'm as happy as the next person to give Cisco a bashing but I also like to see some balance when unrealistic claims are made. Matt. -Original Message- From: Alex Yuriev [mailto:[EMAIL PROTECTED] Sent: 30 January 2004 14:45 To: Matt Ryan Cc: [EMAIL PROTECTED] Subject: RE: CIsco 7206VXR w/NPE-G1 Question > It's not the Cisco bashing I was referring to, but the all singing all > dancing Juniper performance claim. That would not have anything to do with Juniper sucking the least? Alex -- Live Life in Broadband www.telewest.co.uk The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Statements and opinions expressed in this e-mail may not represent those of the company. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender immediately and delete the material from any computer. ==
Re: CIsco 7206VXR w/NPE-G1 Question
Matt Ryan wrote: It's not the Cisco bashing I was referring to, but the all singing all dancing Juniper performance claim. If you feel differently, (and this might be a different list) you might want to back up your referring with some data. Pete
RE: CIsco 7206VXR w/NPE-G1 Question
> It's not the Cisco bashing I was referring to, but the all singing all > dancing Juniper performance claim. That would not have anything to do with Juniper sucking the least? Alex
RE: CIsco 7206VXR w/NPE-G1 Question
It's not the Cisco bashing I was referring to, but the all singing all dancing Juniper performance claim. Matt. -Original Message- From: Petri Helenius [mailto:[EMAIL PROTECTED] Sent: 30 January 2004 17:43 To: Matt Ryan Cc: [EMAIL PROTECTED] Subject: Re: CIsco 7206VXR w/NPE-G1 Question Matt Ryan wrote: >Do you get commission from Juniper? > > > Where do I get my comission then? I´ve described inferior product as such many times and so far I haven´t seen deposits from vendors in my bank account? !!OT warning!! Pete -- Live Life in Broadband www.telewest.co.uk The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Statements and opinions expressed in this e-mail may not represent those of the company. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender immediately and delete the material from any computer. ==
Re: CIsco 7206VXR w/NPE-G1 Question
Matt Ryan wrote: Do you get commission from Juniper? Where do I get my comission then? I´ve described inferior product as such many times and so far I haven´t seen deposits from vendors in my bank account? !!OT warning!! Pete Matt. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: 30 January 2004 16:51 Cc: [EMAIL PROTECTED] Subject: RE: CIsco 7206VXR w/NPE-G1 Question Keep in mind, 72xx is still flow-based, so you need to count *both* shared fabric capacity (aka PCI buses) and capacity of NPE to establish flows (aka pps rate). NPE-G1 might probably route 3*GE, without any services and if all 3GE are in a single flow, but will melt down at a face of one-packet-per-flow DDoS (read: "Nachi" worm) at a far lower rate (I'd be surprised if it sustains 200kpps DDoS traffic, which can be as low as 150Mbit bandwidth). That is of course, as opposed to Juniper, which is truly line-rate at any interface, with any services, at any composition of traffic. -alex On Fri, 30 Jan 2004 [EMAIL PROTECTED] wrote: Does anyone have definitive speed results on the 3 "built-in" Gig ports on the NPE-G1? I know that they aren't attached to the PCI Buses, and don't consume bandwidth points, but all of that is mute. Can all three of the ports do line rate Gig? The Gig PA is limited to 400Mbps. I have seen posts that allude to the fact the max throughput on the 3 Gigs are 800Mbps. It's is like a big mystery that cannot be solved. With a "J" M7i, I know I'm going to get line rate per port up to the total forwarding capacity of the FPC. We are trying to create a comparison matrix and any info you have would be great. Jack -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Simon Hamilton-Wilkes Sent: Friday, January 30, 2004 9:36 AM To: [EMAIL PROTECTED] Subject: RE: CIsco 7206VXR w/NPE-G1 Question One more interesting feature - if you need a 4th GigE port, you can add the GigE I/O card which still uses none of the bus bandwidth points. The buses are fine for OC3 and below... Simon ** The information contained in this message, including attachments, may contain privileged or confidential information that is intended to be delivered only to the person identified above. If you are not the intended recipient, or the person responsible for delivering this message to the intended recipient, ALLTEL requests that you immediately notify the sender and asks that you do not read the message or its attachments, and that you delete them without copying or sending them to anyone else. -- Live Life in Broadband www.telewest.co.uk The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Statements and opinions expressed in this e-mail may not represent those of the company. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender immediately and delete the material from any computer. ==
Re: CIsco 7206VXR w/NPE-G1 Question
> * The 7206VXR prior to the NPE-G1 could only do around 560Mbps > per bus typically, due to PCI limitations. Which usually was not a problem with i-mix traffic or ddos-traffic, because pps limitation would hit sooner. > * Compiled ACLs on 12.2S perform very well on NPE-G1s. I saw no mention of PXF on NPE-G1; it seemed the path 7200 would take after NSE-1. What happened ? > interface but does use a lot of features (netflow, policing, > NBAR, shaping, etc) with no performance hit. Features was indeed to focus of PXF, wasn't it ? Rubens
RE: CIsco 7206VXR w/NPE-G1 Question
> > Keep in mind, 72xx is still flow-based, so you need to count *both* > > shared fabric capacity (aka PCI buses) and capacity of NPE to > > establish flows (aka pps rate). > > Why do you say it is flow-based? You *do* use CEF, don't you? In which > case 7200 with NPE-G1 is a prefix-based architecture, with software > forwarding. Thanks for correction, yes, you are right, of course, that was a 'thinko'. To those watching on sideline: flow-based means router's performance is based on number of flows established, and first packet of each 'flow' is processed differently [slower] from all other within the flow, and things like nachi will kill it. > > NPE-G1 might probably route 3*GE, without any services and if all 3GE are > > in a single flow, but will melt down at a face of one-packet-per-flow DDoS > > (read: "Nachi" worm) at a far lower rate (I'd be surprised if it sustains > > 200kpps DDoS traffic, which can be as low as 150Mbit bandwidth). > > It's the pps that counts, not whether it is one packet per flow or many. > We actually tested NPE-G1 a bit today with small (64 byte) packets, and > we reached considerably higher pps numbers. I'm curious, what pps did you manage to get? -alex
RE: CIsco 7206VXR w/NPE-G1 Question
Wow, that's quite an accusation. No, I don't use neither Cisco nor Juniper hardware in my network. For what its worth, 6500 with sup2 and better is also line-rate, at any mix of traffic, with any services. Happy now? Alex Pilosov| DSL, Colocation, Hosting Services President | [EMAIL PROTECTED](800) 710-7031 Pilosoft, Inc. | http://www.pilosoft.com On Fri, 30 Jan 2004, Matt Ryan wrote: > > Do you get commission from Juniper? > > > Matt. > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: 30 January 2004 16:51 > Cc: [EMAIL PROTECTED] > Subject: RE: CIsco 7206VXR w/NPE-G1 Question > > > > Keep in mind, 72xx is still flow-based, so you need to count *both* shared > fabric capacity (aka PCI buses) and capacity of NPE to establish flows > (aka pps rate). > > NPE-G1 might probably route 3*GE, without any services and if all 3GE are > in a single flow, but will melt down at a face of one-packet-per-flow DDoS > (read: "Nachi" worm) at a far lower rate (I'd be surprised if it sustains > 200kpps DDoS traffic, which can be as low as 150Mbit bandwidth). > > That is of course, as opposed to Juniper, which is truly line-rate at any > interface, with any services, at any composition of traffic. > > -alex > > On Fri, 30 Jan 2004 [EMAIL PROTECTED] wrote: > > > > > Does anyone have definitive speed results on the 3 "built-in" Gig ports > > on the NPE-G1? I know that they aren't attached to the PCI Buses, and > > don't consume bandwidth points, but all of that is mute. Can all three > > of the ports do line rate Gig? The Gig PA is limited to 400Mbps. I > > have seen posts that allude to the fact the max throughput on the 3 Gigs > > are 800Mbps. It's is like a big mystery that cannot be solved. With a > > "J" M7i, I know I'm going to get line rate per port up to the total > > forwarding capacity of the FPC. > > > > We are trying to create a comparison matrix and any info you have would > > be great. > > > > Jack > > > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > > Simon Hamilton-Wilkes > > Sent: Friday, January 30, 2004 9:36 AM > > To: [EMAIL PROTECTED] > > Subject: RE: CIsco 7206VXR w/NPE-G1 Question > > > > > > > > One more interesting feature - if you need a 4th GigE port, you can add > > the GigE I/O card which still uses none of the bus bandwidth points. > > The buses are fine for OC3 and below... > > > > > > Simon > > > > > > ** > > The information contained in this message, including attachments, may > contain > > privileged or confidential information that is intended to be delivered > only to the > > person identified above. If you are not the intended recipient, or the > person > > responsible for delivering this message to the intended recipient, ALLTEL > requests > > that you immediately notify the sender and asks that you do not read the > message or its > > attachments, and that you delete them without copying or sending them to > anyone else. > > > > > > -- > Live Life in Broadband > www.telewest.co.uk > > > The information transmitted is intended only for the person or entity to which it is > addressed and may contain confidential and/or privileged material. > Statements and opinions expressed in this e-mail may not represent those of the > company. Any review, retransmission, dissemination or other use of, or taking of any > action in reliance upon, this information by persons or entities other than the > intended recipient is prohibited. If you received this in error, please contact the > sender immediately and delete the material from any computer. > > == >
RE: CIsco 7206VXR w/NPE-G1 Question
> Keep in mind, 72xx is still flow-based, so you need to count *both* shared > fabric capacity (aka PCI buses) and capacity of NPE to establish flows > (aka pps rate). Why do you say it is flow-based? You *do* use CEF, don't you? In which case 7200 with NPE-G1 is a prefix-based architecture, with software forwarding. > NPE-G1 might probably route 3*GE, without any services and if all 3GE are > in a single flow, but will melt down at a face of one-packet-per-flow DDoS > (read: "Nachi" worm) at a far lower rate (I'd be surprised if it sustains > 200kpps DDoS traffic, which can be as low as 150Mbit bandwidth). It's the pps that counts, not whether it is one packet per flow or many. We actually tested NPE-G1 a bit today with small (64 byte) packets, and we reached considerably higher pps numbers. Steinar Haug, Nethelp consulting, [EMAIL PROTECTED]
RE: CIsco 7206VXR w/NPE-G1 Question
Do you get commission from Juniper? Matt. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: 30 January 2004 16:51 Cc: [EMAIL PROTECTED] Subject: RE: CIsco 7206VXR w/NPE-G1 Question Keep in mind, 72xx is still flow-based, so you need to count *both* shared fabric capacity (aka PCI buses) and capacity of NPE to establish flows (aka pps rate). NPE-G1 might probably route 3*GE, without any services and if all 3GE are in a single flow, but will melt down at a face of one-packet-per-flow DDoS (read: "Nachi" worm) at a far lower rate (I'd be surprised if it sustains 200kpps DDoS traffic, which can be as low as 150Mbit bandwidth). That is of course, as opposed to Juniper, which is truly line-rate at any interface, with any services, at any composition of traffic. -alex On Fri, 30 Jan 2004 [EMAIL PROTECTED] wrote: > > Does anyone have definitive speed results on the 3 "built-in" Gig ports > on the NPE-G1? I know that they aren't attached to the PCI Buses, and > don't consume bandwidth points, but all of that is mute. Can all three > of the ports do line rate Gig? The Gig PA is limited to 400Mbps. I > have seen posts that allude to the fact the max throughput on the 3 Gigs > are 800Mbps. It's is like a big mystery that cannot be solved. With a > "J" M7i, I know I'm going to get line rate per port up to the total > forwarding capacity of the FPC. > > We are trying to create a comparison matrix and any info you have would > be great. > > Jack > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Simon Hamilton-Wilkes > Sent: Friday, January 30, 2004 9:36 AM > To: [EMAIL PROTECTED] > Subject: RE: CIsco 7206VXR w/NPE-G1 Question > > > > One more interesting feature - if you need a 4th GigE port, you can add > the GigE I/O card which still uses none of the bus bandwidth points. > The buses are fine for OC3 and below... > > > Simon > > ** > The information contained in this message, including attachments, may contain > privileged or confidential information that is intended to be delivered only to the > person identified above. If you are not the intended recipient, or the person > responsible for delivering this message to the intended recipient, ALLTEL requests > that you immediately notify the sender and asks that you do not read the message or its > attachments, and that you delete them without copying or sending them to anyone else. > -- Live Life in Broadband www.telewest.co.uk The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Statements and opinions expressed in this e-mail may not represent those of the company. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender immediately and delete the material from any computer. ==
RE: CIsco 7206VXR w/NPE-G1 Question
Keep in mind, 72xx is still flow-based, so you need to count *both* shared fabric capacity (aka PCI buses) and capacity of NPE to establish flows (aka pps rate). NPE-G1 might probably route 3*GE, without any services and if all 3GE are in a single flow, but will melt down at a face of one-packet-per-flow DDoS (read: "Nachi" worm) at a far lower rate (I'd be surprised if it sustains 200kpps DDoS traffic, which can be as low as 150Mbit bandwidth). That is of course, as opposed to Juniper, which is truly line-rate at any interface, with any services, at any composition of traffic. -alex On Fri, 30 Jan 2004 [EMAIL PROTECTED] wrote: > > Does anyone have definitive speed results on the 3 "built-in" Gig ports > on the NPE-G1? I know that they aren't attached to the PCI Buses, and > don't consume bandwidth points, but all of that is mute. Can all three > of the ports do line rate Gig? The Gig PA is limited to 400Mbps. I > have seen posts that allude to the fact the max throughput on the 3 Gigs > are 800Mbps. It's is like a big mystery that cannot be solved. With a > "J" M7i, I know I'm going to get line rate per port up to the total > forwarding capacity of the FPC. > > We are trying to create a comparison matrix and any info you have would > be great. > > Jack > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Simon Hamilton-Wilkes > Sent: Friday, January 30, 2004 9:36 AM > To: [EMAIL PROTECTED] > Subject: RE: CIsco 7206VXR w/NPE-G1 Question > > > > One more interesting feature - if you need a 4th GigE port, you can add > the GigE I/O card which still uses none of the bus bandwidth points. > The buses are fine for OC3 and below... > > > Simon > > ** > The information contained in this message, including attachments, may contain > privileged or confidential information that is intended to be delivered only to the > person identified above. If you are not the intended recipient, or the person > responsible for delivering this message to the intended recipient, ALLTEL requests > that you immediately notify the sender and asks that you do not read the message or > its > attachments, and that you delete them without copying or sending them to anyone > else. >
RE: CIsco 7206VXR w/NPE-G1 Question
Does anyone have definitive speed results on the 3 "built-in" Gig ports on the NPE-G1? I know that they aren't attached to the PCI Buses, and don't consume bandwidth points, but all of that is mute. Can all three of the ports do line rate Gig? The Gig PA is limited to 400Mbps. I have seen posts that allude to the fact the max throughput on the 3 Gigs are 800Mbps. It's is like a big mystery that cannot be solved. With a "J" M7i, I know I'm going to get line rate per port up to the total forwarding capacity of the FPC. We are trying to create a comparison matrix and any info you have would be great. Jack -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Simon Hamilton-Wilkes Sent: Friday, January 30, 2004 9:36 AM To: [EMAIL PROTECTED] Subject: RE: CIsco 7206VXR w/NPE-G1 Question One more interesting feature - if you need a 4th GigE port, you can add the GigE I/O card which still uses none of the bus bandwidth points. The buses are fine for OC3 and below... Simon ** The information contained in this message, including attachments, may contain privileged or confidential information that is intended to be delivered only to the person identified above. If you are not the intended recipient, or the person responsible for delivering this message to the intended recipient, ALLTEL requests that you immediately notify the sender and asks that you do not read the message or its attachments, and that you delete them without copying or sending them to anyone else.
RE: CIsco 7206VXR w/NPE-G1 Question
One more interesting feature - if you need a 4th GigE port, you can add the GigE I/O card which still uses none of the bus bandwidth points. The buses are fine for OC3 and below... Simon
RE: CIsco 7206VXR w/NPE-G1 Question
Michel Py wrote: > My limited experience with the 7206 > says that it might eventually be able to push _one_ gig from one PA to > another, but not aggregate: say you have 4 or 5 OC3s aggregating into a > GigE with some ACLs (which would run distributed on a 7500) I don't > think that even the NPE-G1 is up to the task. Some notes (I sent some of these directly but since you're following up on-list, I will as well): * The 7206VXR prior to the NPE-G1 could only do around 560Mbps per bus typically, due to PCI limitations. * The NPE-G1 can do much more as the on-board 3xGE do not use the PCI bus (note, previous "on-board" GE ports in other 7200/7400 routers *did* still use a PCI bus). * As such, you have 3 ports which can run at gig rates, plus the ability to add two more gig ports (one per bus) around the 560Mbps rate. Or you can add OC3 cards on the other busses. But read Cisco's website re bandwidth points on PCI busses to confirm your intended configuration is viable if you intend to use many high-speed PAs. * Compiled ACLs on 12.2S perform very well on NPE-G1s. * Current IOS only uses one of the two CPUs present on the NPE-G1. An IOS which uses both CPUs is expected this year. However even with one CPU, the performance is significantly more than double a NPE400. * However you should do your own testing - it's a long time since I've done any performance tests and our production environment (being an Australian ISP) doesn't come close to 1Gbps on any interface but does use a lot of features (netflow, policing, NBAR, shaping, etc) with no performance hit. In the Australian environment, the 7206VXR NPE-G1 is a clear choice for many ISPs, due to the high demands on CPU-intensive features in the Australian environment and the massive performance improvements over the previous 7206VXR routers in the NPE-G1. David.
RE: CIsco 7206VXR w/NPE-G1 Question
> Richard J. Sears wrote: > I am looking at upgrading my current 7507 backbone routers. > Each of my routers has dual RSP4s Keep in mind that dual RSP does _not_ mean load sharing; it's for redundancy, if you can get RPR+ to work the way you want that is. > and I was thinking of upgrading them to RSP8s when I > started reading about the new 7206VXRs with the NPE-G1 engine. > I was wondering if anyone has had experience with this > router/engine combination, how well they perform in comparison > to the RSP8s and actual total traffic capabilities when > utilizing all three gig ports with a mixture of OC3, Gig and > DS3 connections as well. In my experience, no 7507 is capable of this, nor a 7206VXR. As pointed out not too long ago, the RSP8 although intrinsically slower than a NPE-G1 will take more load because a lot of processing can be done by the VIPs in the 7507. The deal is that in a 7200 the NPE does the work of the RSP _plus_ the work of three VIPs; even if it's faster, it might not be that fast. That being said, I don't consider reasonable to get gig+ traffic trough a 7507; in my experience a 7500 will push 500mbps of traffic but will have trouble swallowing a full gig. My limited experience with the 7206 says that it might eventually be able to push _one_ gig from one PA to another, but not aggregate: say you have 4 or 5 OC3s aggregating into a GigE with some ACLs (which would run distributed on a 7500) I don't think that even the NPE-G1 is up to the task. IMHO, if you stay well below a gig, these el-cheapo eBay RSP8 deals are a valid solution but if you go over, GSR or Juniper is your answer. The 7200 has never been a core nor backbone router. Michel.
