Re: Router performance on OpenBSD and OpenBGPD

Wed, 21 Feb 2007 17:36:08 -0800 

On 21 Feb 2007, at 23:41, Henning Brauer wrote:


* Alex Thurlow <[EMAIL PROTECTED]> [2007-02-22 00:25]:
I have 2 GigE lines from different providers balanced via BGP with full 
routes from both providers.  Currently, these are running through a
Linux/Quagga/Iptables router/firewall with a P4 3.2 GHz. The distro is 
Gentoo, and we've stripped it down quite a bit.

We're pushing streaming video, so it's almost all outbound traffic by
about a 30:1 factor, and our average packet size is quite large - around 1200 bytes. At the moment, when we hit about 350Mbps, the router gets 
to ~30% CPU usage, and it appears that we stop being able to pass all
the traffic at full speed.  I don't see packet loss, but our traffic
graph flattens a good bit.  At those rates, we also start to see
crashing, but we haven't been able to figure out the exact cause of
those either.
So, long story short, I need a new router. We've looked at Cisco, etc. and for what we're doing, it looks like we need a carrier class router. 
I can get a decked out 12008 for about $8k, but I'd rather not spend
that much, or use the 2 feet of rack space.
I've used OpenBSD/PF for firewalls in the past, and loved them, so I'd like to use it for a router if it can handle what we need. Basically, I 
need to be able to saturate both of those GigE lines.  I'm willing to
buy the brand-newest hardware - the PCI express bus should be able to do 
2.5 Gbps, but I can't find anything that says I can push that much
through software.


well... "it depends".
we have a router at a customer that I have seen peaking above 750
MBit/s, and that was with relatively "mean" traffic (i. e. not all nice 
big packets). so I'd say there is a realistic chance to get reasonably
close (and if everything else fails, you can still split outgoing over
two or so).
naturally, that requires somewhat carefully selected hardware, and
these are ones of the very few machines I run where we do not go for
GENERIC.* for a reason.

--
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam 



What are the main changes you make to GENERIC Henning?

                ---
                Liam J. Foy
                <[EMAIL PROTECTED]>

Reply via email to