1. Home
  2. Cisco Systems
  3. Number of TCP connections on equipment

Number of TCP connections on equipment

General question:

From an ISP's point of view, what equipment would be impacted by how many TCP sessions customers have ? (for instance, having 100 sessions in a Bittorrent applications versus 1 session in an HTTP download).

Obviously, NAT equipment would be aware of TCP sessions, and so would be DPI/throttling equipment. Is NAT commonly used in ISP premises ?

But in the normal course of an ISP's network, what equipment would notice how many TCP sessions someone would have ? Aren't routers totally agnostic on this and just route individual packets, totally unaware of whether they belong to 1 or 100 sessions ?

Would it be correct to state that if all customers have 100 TCP sessions, versus just 1 TCP session, that route caches on routers would be much more loaded since they would remember many more routes to each of those destination IPs ?

Any other impacts on this ?

Reply to
JF Mezei
Loading thread data ...

anything that keeps track of sessions or content - the classic one that chokes on sessions used to be a firewall.

Note your home router is probably doing NAT - which keeps per session state info.

proxy cache, or something like the Phorm servers if they ever get deployed.

Even there many such systems only look at specific protocols.

DPI needs to keep sessions, since it looks at the data but often throttling can be a lot cruder - for example, just keep track of the rate of Bittorrent traffic, irrespective of how many sessions are involved.

Agreed - routers just worry about where you send IP packets.

Depends on the router architecture, but modern high end routers do not tend to have route caching style designs any more because of thrashing when the cache churn is too high - try google for CEF and cisco for example.

the end points for each TCP session carry state, so there would be more sessions at your PC and the associated server.

I suspect that you may get higher throughput in some circumstances - an individual TCP session can limit performance. Certainly can happen with old TCP stacks or badly tuned devices at the end of the connection.

And lots of TCP connections is likely to cause a bit more traffic overhead, since at minimum you have to open and close each one and some TCP "stuff" happens on idle connections - whether this matters will depend on the connection lifetime and other parameters.

Reply to
Stephen

Every high end router does "route caching" which is nothing more than a mechanism to populate a CAM (Content Addressable Memory) table. The routing protocol creates a routing table in the CPU memory, and route-caching is a mechanism to populate the CAM. When the route is in the CAM, no CPU cycles are required to route the packet. If the route is NOT in CAM the CPU is interupted which then must make a decision to determine what to do with the packet. On Cisco, the route-caching mechanism current used on all platforms is CEF (Cisco Express Forwarding). If you disable CEF on an interface (or disable CEF globally), the routing throughput is decreased by a significant factor (anywhere from 80% to 99%).

Routing on any platform does not care about TCP sessions. Routers only looks at the IP part of the packet, it doesn't know or care what is in the payload part of the packet. It could be a TCP, UDP, or even another IP packet.

Reply to
Thrill5

Let me add a couple of further caveats - if you're using NetFlow or anything else like it then the router will be keeping track of flows between hosts, including protocol and port number; also if there is any kind of load balancing going on there may be a cache involving MAC or IP addresses or L4 port numbers.

Sam

Reply to
Sam Wilson

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.