RFC: Dedicated TWAMP copp class #2068
Conversation
thijsvanemmerik
changed the title
| ## Alternatives Considered | ||
|
|
||
| 1. **Do nothing:** | ||
| Simple but allows continued false-positive loss and unreliable corridor scoring. |
There was a problem hiding this comment.
Can you rephrase this? I wouldn't say it is false-positive, more insufficient resources. Also what is "unreliable corridor scoring"?
| bandwidth kbps 1500 | ||
| shape kbps 250000 | ||
| ``` | ||
|
|
There was a problem hiding this comment.
Do you know how the existing classes match traffic? There is no reference to an ACL. I assume it is some default (perhaps hidden) match action based on IPv4 unicast traffic.
| Commands to validate deployment: | ||
|
|
||
| ```eos | ||
| show running-config | section copp |
There was a problem hiding this comment.
CoPP doesn't appear in running-config:
chi-dn-dzd9(config)# show running-config | section copp
chi-dn-dzd9(config)#
| ```eos | ||
| show running-config | section copp | ||
| show class-map type control-plane TWAMP-TRAFFIC | ||
| show policy-map interface control-plane |
There was a problem hiding this comment.
We should use 'show policy-map type copp'
chi-dn-dzd9(config)#show policy-map interface control-plane % Unavailable command (This command is deprecated by 'show policy-map copp [ Policy Map Name ]') chi-dn-dzd9(config)#sho policy-map type copp Service-policy input: copp-system-policy Number of units programmed: 1 Hardware programming status: Successful
| show running-config | section copp | ||
| show class-map type control-plane TWAMP-TRAFFIC | ||
| show policy-map interface control-plane | ||
| show copp counters class TWAMP-TRAFFIC |
There was a problem hiding this comment.
chi-dn-dzd9(config)#show copp? % Unrecognized command
I think we are restricted to looking at counters punted to cpu using 'show cpu counters queue'. Perhaps there is another command we can investigate?
|
|
||
| ## Open Questions | ||
|
|
||
| 1. Should the TWAMP class shape be standardized (e.g., 10 Mbps) network-wide, or tuned per location? |
There was a problem hiding this comment.
I think we should standardize for simplicity.
| ## Open Questions | ||
|
|
||
| 1. Should the TWAMP class shape be standardized (e.g., 10 Mbps) network-wide, or tuned per location? | ||
| 2. Should TWAMP drops above a low threshold trigger automatic alerts? |
There was a problem hiding this comment.
If we can confirm how we can see this, then probably yes.
| ```eos | ||
| class-map type copp match-any TWAMP-TRAFFIC | ||
| match ip access-group TWAMP-ACL | ||
| ``` |
There was a problem hiding this comment.
chi-dn-dzd9(config)# class-map type copp match-any TWAMP-TRAFFIC % Unavailable command (not supported on this hardware platform)
| policy-map type copp copp-system-policy | ||
| class TWAMP-TRAFFIC | ||
| bandwidth kbps 1500 | ||
| shape kbps 10000 |
There was a problem hiding this comment.
Should this be shaped? Shaping has the potential to create inflated latency values as opposed to policing. Also, not sure if it's possible, but if there is an excess of traffic, it may be more beneficial to mark this traffic down, as opposed to shaping or dropping.
| **Recommended rates:** | ||
|
|
||
| * `bandwidth kbps 1500` — guarantees minimum 1,5 Mbps allocation. | ||
| * `shape kbps 10000` — caps TWAMP CPU utilization to 10 Mbps. |
There was a problem hiding this comment.
What do you mean by "cpu utilization?
|
|
||
| **Recommended rates:** | ||
|
|
||
| * `bandwidth kbps 1500` — guarantees minimum 1,5 Mbps allocation. |
There was a problem hiding this comment.
@snormore Does this seem reasonable to you? I think we're way below this anyway.
|
Arista confirmed that it's not supported on the current hardware used in DZ to exclude the TWAMP traffic from the copp-system-ipunicast class. The levers that we do have are to adjust the shape rate or bandwidth of the copp-system-ipunicast class. Therefor closing this PR. |
This RFC proposes adding a dedicated control plane policing (CoPP) class for TWAMP traffic (UDP/862) within the global
copp-system-policyon all DoubleZero switches.