[AusNOG] Cisco 6500 with Sup 720 3BXL - Good routing platform ??

Dobbins, Roland rdobbins at arbor.net
Mon Sep 20 15:33:09 EST 2010


On Sep 20, 2010, at 12:24 PM, Lincoln Dale wrote:

> i'd contend that Netflow is generally "good enough" if used within its limits.

My point is that it's impossible to use it within its limits, due to the lack of any ability to avoid mls table overflow.  Couple that with lack of TCP flags and stats on dropped traffic, and the scope of the problem becomes clear.

I've run into the same problems with NetFlow on this platform for the last decade, over and over and over and over again.  New hardware will resolve the issue, of course, and one looks forward to any future announcements in that regard.

> clearly doing accounting on something that may be overflowing is not ideal. but it's still potentially useful information provided by it. one can scale the Netflow tables through use of DFCs.

Unfortunately, the DFCs don't form a pool, and so arbitrary traffic distribution amongst interfaces/linecards still leads to mls table overflow in many circumstances, with no remediation available.  The TCP flags and dropped-traffic issues remain, as well.

> i'd contend that historic challenges with ACLs are a thing of the past.


Actually, this is what I was referring to, and it's very much a current issue, as it's tied into the EARL7 design:

<http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a00800c9470.shtml#wp43500>

I've run into this time and time again, with boxes being self-DoSed due to TCAM overflow and consequent software-switching of all packets on interfaces where the offending ACLs were applied.

6500/7600 with current hardware have their place, but the SP edge isn't that place, IMHO.  Far better to use them in environments where their excellent hardware forwarding performance shines, and the lack of edge-related functionality isn't an issue.

Just a question of suitability to task, is all.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

 	       Sell your computer and buy a guitar.






