TECH ARTICLE- intro to HRT
HRT is one of the aspects of the Riverstone gear that you can manipulate and use effectively, but you won't find any documentation on it in the Users Guide. So I thought I might give a small intro on HRT and it's issues.
HRT is Riverstone's ability to move routing and flow setup off the CPU and onto the line cards themselves, significantly enhancing the performance of the CPU. HRT uses asics on each line card to store the entire route table generated by the CPU on each line card, so that route lookups for IP flows can happen on the line cards themselves. Then the HRT asic on the line card processes the flow itself, without involving the CPU. Without HRT in effect, every flow on the box must come through the CPU.
ASIC Generations and limitations
The asics that HRT in most Riverstones in use rely on fall generally into two categories, 3rd and 5th Generations. 3rd Generation asics have only 8mb of ram to store the routing table with, and this limits the table size to about 100k routes. 5th Generation asics have 16mb of ram, and thus have a capability of storing about 200k routes. If the asics receive more routes than they can handle, they shut down HRT.
The effect this difference in ram has on the other processes on the box isn't that significant, with the exception of BGP. 3rd Generation boxes running BGP need to keep their FIB below 100k routes so that HRT won't shut down. This can be a real nightmare if you are pushing a high packet rate and running BGP, and suddenly the CPU has to handle both responsibilities because HRT shut itself down.
Another 3rd Generation limitation on the use of HRT revolves around the application of ACL's. 3rd Generation hardware doesn't process ACL's; that job is left to the CPU. Depending on how you apply ACL's on an RS, HRT can be shutdown across some ports on the RS and every port on the RS. An ACL that is applied to an IP interface for inbound traffic only will disable HRT on the ports the interface belongs to. An ACL that is applied to an IP interace for outbound traffic will disable HRT on the entire RS. The impact this has on performance is relative to the packet or ip flow rate on the box. ACL's that are applied to the CPU only have no effect on HRT.
5th Generation hardware overcomes this limitation (when used with the CM5 and ROS 9.3+) and can handle ACL's in the hardware, relieving the CPU of the responsibility.
On a side note, while 5th generation asics are definitely much better (and more expensive) than their 3rd Gen counterparts, depending on a particular network's needs, 3rd Gen hardware can do the job just fine (look for the upcoming posts about RS as a firewall and BGP router, done on 3rd Gen gear.)
posted by Unknown at
3:30 PM
3 Comments:
I implemented HRT on my RS-8000s with a CM5 card and the CPU dropped from over 80% to under 30%. The NI H Process is no longer a problem.
By
Nicky Smith, at December 24, 2007 at 8:38 AM
I can not find any documentation on these hrt set options:
drop-unresolved-arp - Drop packets for unresolved ARPs
flow-route-fix - Enable HRT flow route fix
icmp - Set icmp related parameters
link-flap-fix - Enable HRT link flap fix
priority-level - Set internal priority for traffic forwarded by HRT
rate-limit - Set rate limit in HRT
source-ip-validation - Enable IP Source Address Checking in HRT
I have the 9.4 documentation, but running 9.4.0.6.
Any help anyone can offer is greatly appreciated.
Nicky Smith
By
Nicky Smith, at December 29, 2007 at 1:59 PM
I was told by a knowledgeable router engineer that has a experience with Riverstone the following:
"hrt was a last ditch effort from riverstone to fix their crappy flow based box and I know hrt was never widely deployed by anyone, since it was very very problematic."
Can you, or anyone comment on this?
By
Nicky Smith, at December 29, 2007 at 5:53 PM
Post a Comment
<< Home