|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: 12000 ACL issue
As an early adopter and victim of 6500, the need for survival find the way to knowledgeable Cisco employees and knowledgeable admins/architets of networks with their own (different) paths to Cisco internals.> Sup2(6500 or 7600) is not demand-based, there is no flow-based > forwarding on it; it can actually go that far, but you are right about > past (and most of current) Cisco claims. Please consult your favorite knowledgeable Cisco employee and try again. The product matrix today is rather simple: use Sup1 only for L2 activity (Consider Sup2 if you want VLAN ACLs and QoS), use Sup2 for all L3 activity, consider x-bar if you need more than 15 Mpps, consider DFC if you need more than 30 Mpps.Understanding the 6500/7600 product matrix and its effects on forwarding tables is a pain - but required knowledge for successful implementation. Understanding the forwarding process of a device is crucial to network engineering; for instance, with 6500/7600 you should look carefully at the non-equal traffic distribution among parallel paths. With an M-160, you should try avoiding packet misordering, and so forth for every product of every vendor. CEF is mandatory with Sup2, and was with Sup1 although MLS took most of CEF pros and cons out of the loop.There is a reason why CEF is configurable, and the DFC is an optional "card". Not in the x-bar system (Sup2, switch fabric, all x-bar enabled cards), where Sup2 receives only the packet header (up to the point of L4 port info); this compressed mode of operation is required to achieve 30 Mpps. The same strategy is used on M- routers, where IP II receives only the first J-cell of the packet.> In order to have 30 Mpps inside 15Gbps traffic, packet size > on the line > would be 62.5 bytes and no silence between packets would be allowed. > When preambles and inter-frame-gaps are included, bottom line traffic > would be higher, and real packet size distribution would make > it usable > for up to lot more traffic. Actually 30 Mpps comes from how the 6500/7600's data bus works - 256 bits wide @ 62.5 Mhz = 16 Gbps (real numbers - Cisco states 32 Gb/s due to their creative accounting). 64 Byte frame takes 4 clock cycles (64ns) to get through the box (at minimum). With that you get 15 Mpps. That is base functionality - add x-bars, DFCs, x-bar enabled cards, etc, etc, and YMMV. But regardless.. the larger the frame the smaller the number of pps. I really would like to see those products and review their architetures. So far, what I saw in every product except those above was:> As this thread was started by ACL issues, are the 50/90/150 Mpps boxes > you mentioned capable of ACLs at these line rates ? > What other beasts besides IP II, Sup2, Eng 3 and Eng4/edge can handle > high-rate ACLs ? There are many vendors in the world that do line rate ACLs those speeds. I believe one vendor showed off 172mpps with ACLs at a tradeshow recently. Think it was about 50% of the cost of a 6500 also. But I could be wrong. - Demand-based forwarding, where the first packet of a flow goes to the "processor-path"; - Processor-based ACLs, where L3 forwarding with no ACLs go "ASIC-path" and ACLs go "processor-path". Rubens Kuhl Jr.
|