[Bro] A few questions

[Tyler Schoenke]

Just an update, the Intel Research Labs driver and Click code is available:

http://routebricks.org/code.html

I'm going to give this a try.  If this works, I may be able to turn my
current Bro server into a ~10 Gbps front-end router/load-balancer.  That
should be quite a bit cheaper than a commercial load balancer.  Workers
could potentially be run on this server as long as they didn't degrade
the Click performance, otherwise, we could buy a switch and more COTS
servers to use as workers.

The hardware requirements appear to be Intel 'Oplin' 10GbE 82598EB NICs,
and a server with Nehalem (not VanHalen) architecture that can run Linux
kernel 2.6.24.7.

Tyler

On 02/04/2010 10:13 AM, Tyler Schoenke wrote:
> On 02/04/2010 09:29 AM, Nicholas Weaver wrote:
>> That may work today:  The Intel Research Labs folks have been able to get Click to move 12 Gbps through a single dual-interface PCIe x8 (pretty close to the theoretical limit, BTW) Intel 10 GigE card using kernel mode drivers and the latest Intel hardware.  With a separate card for in and out on separate PCI-E busses, you might indeed be able to get 10 Gbps in and 10 Gbps packet-marked back out.  I don't know if their click kernel mode drivers are available.
> 
> Thanks for the info.  I'll try to contact them and see if their code is
> available.  My server is certified to run RHEL, and they have Linux
> drivers available for the 10 GigE cards as well, so something like this
> may work.
> 
> 
>> It would also probably be easier to just send packets back out a different 10 Gbps interface, and just overwrite the MAC and let a COTS switch then handle the routing to particular worker nodes, rather than having a collection of 1 Gbps interfaces.
> 
> You can tell I'm not a networking person.  That sounds like a better,
> streamlined, and more expandable idea.
> 
> Thanks,
> 
> Tyler
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>