> I did captive-net testing, using a pair of generator machines direct
> patched (xover cables for 100BaseT) to the snorter's NICs, using
> tcpreplay to inject traffic. I was using completely untuned snort
> 1.9 on Compaq DL-320 low-end boxes, as I recall PIII-1.25GHz and
> 640MB RAM. Packet losses started getting noticeable somewhere around
> 70-80Mbps aggregate, and it made absolutely no difference whether
> the aggregate was coming in over two bonded interfaces, or over a
> single NIC with no bonding loaded. Bonding didn't seem to enter into
> the performance picture at all.
I can see how that would be the case on lower end boxes. However, had
they been extremely beefy, it's possible that the application wouldn't
be the weak link, but the bonding. That's where I'm driving with this
- I'd like to know where the overhead imposed by the bonding causes
packet drops.
> If I'd needed to hit higher performance, there were certainly easy
> measures to take; but as it turned out, I didn't:-).
>
>> Also, is there a way to know if you are dropping frames on the
>> bonded interface? Or do you have to query the individual card
>> statistics, just like anything else?
>
> In my case, I could compare sent to received packet counts
> end-to-end.
My question here was more directed at an environment where the bonded
interface was dropping packets - which didn't appear to be the case in
your situation... Still cool though.
____
S.f.Stover
sstover_at_iwc.sytexinc.com
- application/pgp-signature attachment: PGP_sig
Received on Oct 06 2003
Intro
