cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Re: How does the Medium Path (PXL) and Content Inspection work with R80

I realized it was a bit of a streatch when I mentioned it, and I completely understand that limits need to be placed or information over flow will occur.  

And yes the code base itself if for the most part not CP so it's almost a fringe component in that regard as well.

With all that being said, it is also one of the single most significant tuning point that exist under load testing.  Shifting cores between SXL and CXL along with their affinity is a majority of the tuning process on a 64k. Sans locating misconfigurations, policy optimization and undocumented features it is the tuning process for 10GbE installations.

Given its importance, I had thought that noting its place in the chart night be worthy.  As a logical diagram I would only assume some leway would be given to not require multiple cores.

I also understand the need for keeping it simple.

-src

 

Sean Costello
Network Security Professional
SRC & Associates

Re: How does the Medium Path (PXL) and Content Inspection work with R80

Hi,

I Agree with Costello Sean in many points. I like the 61K/64K systems and I am happy if I get a project. If we talk about 64K systems, we get one more level into the game. We would also have to discuss the connection between SSM and SGM. This happens via Distribution Mode (dxl). After this statement we could talk about 64K tunning. Let's do this in the 64K section of this checkmates forum. I think it's good! I think that would go beyond the scope of this article.

---

Timothy Hall has already mentioned some good points!

CUT>>>

...

9)SoftIRQ run begins on SND/IRQ core

10) Process frames from ring buffer(s) and send to all registered receivers (i.e. SND, libpcap if tcpdump running)

11) Continue SoftIRQ run until all ring buffers are empty, maximum number of frames specified by net.core.netdev_budget (default 300) is reached, or two jiffies of time have elapsed

12) SoftIRQ run ends

<<<CUT

But what happens next? We should get back to the original theme:

How does the Medium Path (PXL) and Content Inspection work?

 

Regards

Heiko

Re: How does the Medium Path (PXL) and Content Inspection work with R80

It is possible to debug the PSL path with „fw ctl zdebug + tcpstr“. I am not sure if you see 100% from PXL path with this command.

Regards,

Heiko

Re: How does the Medium Path (PXL) and Content Inspection work with R80

Not 100%
One can see streaming decision and security decisions returned by the parsers