[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: draft-morrow-filter-caps-00 comments
On Mon, 07 Mar 2005 07:37:05 +0000 (GMT), Christopher L. Morrow
<christopher.morrow@mci.com> wrote:
> > 2)
> >
> > 2.1.3 Ability to Filter Traffic To the Device - Minimal Performance
> > Degradation
> >
> > ==> this section is too ambiguous to be of any real use. I guess you'll
> > _have_ to specify at least "minimum" minimum performance degradation -- if
> > the vendor can't perform even _that_, it shouldn't claim to be compliant
> > (e.g., a device should be able to deal with 50 address/port based rules
> > with no change to the maximum transfer rate with 20 byte packets).
>
> The performace degradation I was aiming at was: "console access" or
> "management access" limitations... a 7206 can filter (sort of) 5kpps aimed
> at the device once you put on recieve-path acls, but it won't be very
> happy about that filtering and device CPU will shoot to 99% :( That's
> unacceptable. Filtering "TO THE DEVICE" should have no impact on device
> CPU/management/console...
That's a useful distinction....I we do want to address the filter THROUGH
w/mimimal degredation as well.
---George