Router performance
If your router has, say, a 100 Mbit/s interface, does that automatically mean it can forward packets at that speed? Definitely not! First, let's define forwarding speed.
A forwarding speed of 100 packets/sec means that the device can handle 100 packets coming in on one interface, make a forwarding decision and send the packets out on an interface every second. Some manufacturers (specifically Cisco) have a different definition, counting a packet coming in and then being sent out as 2 packets, so in the example above, Cisco would say the speed is 200 packets/sec.
The common term wirespeed means that the device is capable of forwarding packets at the maximum possible speed, using the smallest packets possible. For forwarding at wirespeed with a Fast Ethernet interface, this would be approximately 148000 packets/second (pps) full duplex.
For a network device to be considered able to forward at wirespeed, it must be able to do this for all interfaces at the same time. This is very rarely a requirement in the real world, and most routers cannot do it.
However, most LAN switches are capable of forwarding at wirespeed. Some modular Ethernet switches have limitations at the backplane, and may not be able to forward at wirespeed for all interfaces at the same time. For most applications this is not a problem, but it is definitely something to be aware of.
So, for routers there is usually an upper limit on performance. Let's start with smaller routers using a CPU for forwarding. In these examples I will use Cisco routers, because that is where I have the most experience with performance testing, but the same applies to many other manufacturers.
Smaller Cisco routers, e.g. the 1700 series and 2600 series (also 2600XM), and slightly bigger ones, e.g. the 7200 series, use a single central CPU for forwarding as well as for everything else. This means that how fast the router can forward packets is limited by the speed of the CPU and by what other tasks the router performs. For instance, applying access lists will slow the performance of the router somewhat. (Even some bigger routers, e.g. the 7600, use central forwarding, but in that case it is done using special hardware instead of a CPU.)
The big problem with a central CPU is that if the CPU is overloaded, managing the router can be difficult or impossible. This might also mean that the router starts to have problems with routing protocols. Central CPU routers are therefore vulnerable to DoS attacks.
Some bigger routers, e.g. the GSR and 7500, use distributed forwarding, where each interface card handles forwarding decisions. In those cases, the limits are on what each card can manage and also what the backplane can handle. Some network cards, e.g. the VIPs in the 7500 or the engine 0 cards in the GSR, use a CPU to forward packets, while some of the newer cards for the GSR use hardware to forward packets.
Distributed forwarding is less vulnerable to high load and DoS attacks.
Now, let's say we want to see if our router has enough performance for a specific application. In this case, we are evaluating a CPE router (CPE = Customer Premises Equipment) for a 4Mbit/s Internet access connection (load-balancing over dual E1). First, we need to get a performance number from our manufacturer (in this case, we assume it is Cisco).
In some cases, you will find the performance number on the manufacturer's web site, and in other cases you will need to ask your sales rep for it. Let's assume the number we got is 12000 pps. Since this is Cisco, we divide it by 2, giving us 6000 pps. We assume that we lose 20% if we apply some access lists and other misc stuff, so we end up with 4800 pps.
Now, we need to make some assumptions. We need to know the average packet size for our application. An ISP could easily check in the core equipment what the average packet size is, but let's assume 600 bytes (including headers). To have some head room, in case someone wants to use VoIP or something similar with lots of small packets, we make the calculation with 400 byte packets.
4800 pps with 400 byte packets gives us 15 Mbit/s; with full duplex we get 7.5 Mbit/s, which is well above our requirement of 4 Mbit/s. We can handle down to approximately 210 byte packets, at least in theory.
So, in theory this router should be ok at least as long as we stay above 210 byte packets. In practice, we don't want to be above 60% CPU load, because we don't want to run into trouble with managing the device, even under load.
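The sizing steps above carried through as an added example (not part of the original article). It also applies the 60% CPU ceiling to the same numbers, assuming CPU load scales linearly with packet rate, and compares the result with Fast Ethernet wirespeed for minimum-size frames. Function names are illustrative.

```python
# Added sizing example; the inputs are the figures used in the text above.
ETH_OVERHEAD = 20    # bytes on the wire per frame: 8 preamble + 12 inter-frame gap
ETH_MIN_FRAME = 64   # smallest Ethernet frame, in bytes


def wirespeed_pps(link_bps, frame_bytes=ETH_MIN_FRAME):
    """Maximum frames/sec one direction of an Ethernet link can carry."""
    return link_bps / ((frame_bytes + ETH_OVERHEAD) * 8)


def usable_pps(vendor_pps, counts_in_and_out=True, feature_loss=0.20):
    """Vendor figure -> forwarding rate as the article defines it."""
    pps = vendor_pps / 2 if counts_in_and_out else vendor_pps
    return pps * (1 - feature_loss)


def duplex_bps(pps, packet_bytes, cpu_ceiling=1.0):
    """Throughput per direction when the pps budget is shared by both directions.
    Assumption: CPU load is proportional to packet rate."""
    return pps * cpu_ceiling * packet_bytes * 8 / 2


def min_packet_bytes(pps, required_bps, cpu_ceiling=1.0):
    """Smallest average packet size that still sustains required_bps each way."""
    return 2 * required_bps / (pps * cpu_ceiling * 8)


def report(vendor_pps=12000, required_bps=4_000_000,
           planning_bytes=400, cpu_ceiling=0.60):
    pps = usable_pps(vendor_pps)
    fe = wirespeed_pps(100e6)
    return {
        "usable_pps": pps,
        "duplex_mbps": duplex_bps(pps, planning_bytes) / 1e6,
        "min_bytes": min_packet_bytes(pps, required_bps),
        "duplex_mbps_at_ceiling": duplex_bps(pps, planning_bytes, cpu_ceiling) / 1e6,
        "min_bytes_at_ceiling": min_packet_bytes(pps, required_bps, cpu_ceiling),
        "fast_ethernet_wirespeed_pps": fe,
        # How far a flood of minimum-size frames on the LAN side exceeds the CPU budget.
        "wirespeed_to_budget_ratio": fe / pps,
    }


if __name__ == "__main__":
    for name, value in report().items():
        print(f"{name:30s} {value:12.2f}")
```

With the 60% ceiling the 400 byte planning case still clears 4 Mbit/s, but the smallest sustainable average packet size rises from about 208 to about 347 bytes, so the headroom for small-packet traffic is narrower than the raw figure suggests.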
What we need to do now is to test this device. The theoretical number is just a guideline to start from. We may find out, depending on our configuration, that the theoretical load we should be able to handle is too high or too low. Many things could give us a different performance in real life than the theoretical one. For instance, the performance numbers from the manufacturer are usually with the smallest possible packets, and with larger packets it may drop substantially.
The best thing to do is to set the device up as it is supposed to be run, and test it with real traffic. If that is not possible, some lab testing is needed. Using some PCs to generate typical traffic might be sufficient to test a smaller router, but for bigger equipment you may need to use some tool to generate load, like the SmartBits or IXIA.
In conclusion, making sure the performance of the router is enough for your needs is important, but there are many other factors that are important. Making sure your router has a bit more than is needed will make the network more robust and less vulnerable to error situations or DoS attacks.