Home page logo

nanog logo nanog mailing list archives

Re: 7206 VXR NPE-G1 throughput
From: Mark Walters <mark () metricnetservices com>
Date: Tue, 11 Feb 2014 13:03:34 -0800

We run 7206 NPE-G1s on some GigE peering points.  At about 800Mbps of
aggregate Internet traffic (inbound + outbound, as measured from Cacti)
the CPU sits around 70%.

- inbound and outbound Internet-facing ACLs (50 lines and 25 lines
respectively, turbo ACL)
- Inbound Internet-facing policy-map to remark DSCP (references 7-line ACL)
- minimal routes via BGP (approx 1500)
- 15.1 SP train

YMMV, but they work well for us in this scenario.  With
downstream-to-upstream traffic patterns of approx 7-to-1 the GigE and CPU
will peak out at about the same time.

Side note - our G2s at that same 800Mbps traffic rate run at approx 60%

Mark W

On 2/11/14 2:10 AM, "Geraint Jones" <geraint () koding com> wrote:

Or assuming your using an Ethernet of some sort as your upstream
connections you could grab something like a CCR from mikrotik for < $1k
and sleep easy knowing you're only using 6% of it's capacity.

Sent from my iPhone •

On 11/02/2014, at 3:52 pm, Octavio Alvarez <alvarezp () alvarezp ods org>

On 02/10/2014 06:05 PM, Vlade Ristevski wrote:
Are you suggesting getting the default gateway from both providers or
getting the full table from one and using the default as a backup on
other (7206)?

Whatever suits you best. Test and see. I'd just receive the full table
anyway but filter them out, letting only the default routes go into the
RIB. This should streamline your FIB. As I say, you lose outbound load
balancing and your redundancy becomes all-or-nothing, but you save a few

Again, I wouldn't recommend any of this because of the drawbacks, but
along with other recommendations that others have made, like Turbo ACLs,
it may buy you some time.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]