Wednesday, April 21, 2021

Policy scale estimates on vEdge devices

 VEDGE policy scale depends on the amount of system memory in the fast path carved out for filters/policy.

 

Filter means memory is used for policy filters.

 

Number of policies and system memory scale depends on the platform:

 

vEdge-5000, vEdge-2000, vEdge-1000: Max number of sequences in the policies is 512 and Max filter blocks - 1024*1024 (Size 128MB, each block 128 Bytes)

vEdge100B-2GB:Max number of sequences in the policies is 512, filter blocks -1024*1024

vEdge-100-1GB:Max number of sequences in the policies is 256 and Max filter blocks: 16*1024

vEdge Cloud Medium:Max number of sequences in the policies is 256 and Max filter blocks: 64*1024

vEdge Cloud Small:Max number of sequences in the policies is 256 and Max filter blocks: 6*1024

 

 

Device type

Max sequences

Max filter 128B-blocks

V100B-2GB

512

1024*1024

V1000

512

1024*1024

V2000

512

1024*1024

V5000

512

1024*1024

vEdge-Cloud 2 vCPU/2G RAM

256

64*1024

vEdge-Cloud 4 vCPU/4G RAM

512

1024*1024

vEdge-Cloud 8 vCPU/8G RAM

512

1024*1024

 

128MB will be able to support large number of sequences. Example 100 policies, each policy with 1K sequences.

 

  • Limits
    • V100B-2GB/V1k/2k/5k: 512 sequences OR 1024*1024 = 1,048,576 filter blocks of 128 bytes (dedicated memory of 134,217,728 bytes ~ 128MB or 1,073,741,824 bits > ~1024 Mbits)memory.png
    • Vedge cloud: 256 sequences max OR 64*1024 = 65536 filter blocks of 128 bytes (dedicated memory of 8388608 bytes or 671088646 bits > ~64 Mbits).memory 2.png
  • Usage
    • 1 match statement takes 1 or more filter blocks depending on its complexity
    • 1 action statement takes 1 or more filter blocks depending on its complexity

All the policies in a system shares available filter blocks.

Number of filter blocks required for policy depends on the combination of # of sequences / match / actions.

 

Example: For a platform with 128MB filter memory can support 1 policy with 200 sequences, or 5 policies with 40 sequences each etc.

 

Memory required per policy = Number of sequences * number of match field types (example src-ip, dest-ip, src-port, dest-port etc.) * number of match fields (example: Number of IP prefixes, num ports etc.)* number of action fileds .

 

Number of policies and sequences per policy depends on the customer policy configuration.

 

Part of 19.3 release, you can get the usage with below operational command. 

vm1# show policy filter-memory-usage

 

FILTER  FILTER  BLOCKS  BLOCKS 

USED    MAX     USED    MAX    

--------------------------------

0       256     0       6144

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)