We're doing DS-Lite with PBA (on MX/MS-DPC) and recently we managed to analyze various data, from where one interesting point came up. We are using 512 ports per block and 16 blocks per ip, while we started with 1024 and 8 respectively. Every time we decrease the ports per block and increase the blocks per ip (keeping 8k ports per user as the max), we get better port utilisation/efficiency but also an increase in the amount of logs.
Collected data show that every day almost 95% of sessions utilize less than 512 ports, so we have thought of two solutions: 1) Remove from DS-Lite the users having high-port-usage sessions (assuming they are mostly the same every day and we automate it somehow) 2) Apply a port block allocation of variable-size port blocks (i.e. 128, 256, 512, 1024, 2048, 4096) So, does anyone know whether Juniper or another vendor has (or is planning to have) a PBA implementation using variable-size port blocks? Instead of a linear increase (f(x)=nx), other more intelligent algorithms (i.e. f(x)=x^2 or f(x)=2^x) are used, where the more a user asks for extra blocks, the more he gets each time. Even a static definition of all steps (go from 512 to 3072 and then to 4096) would be better. In that case i could live with the limitation of the sum of port blocks not rounding up exactly to the max number of 8k ports. -- Tassos _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
