rate-limit in bytes or bits p/s

[Stoney]

Hi,

Is the rate-limit function in exabgp in bytes or bits? From my testing it appears to be bits/s (99995000 is giving me about 85Mbps), but juniper documentation says the local flow configuration is in bytes.

lab# run show route table inetflow.0 detail

inetflow.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
Restart Complete
x.x.x/24,x.x.x/24,proto=6/term:1 (1 entry, 1 announced)
*BGP Preference: 170/-101
Next hop type: Fictitious
Address: 0x2389554
Next-hop reference count: 1
State: <Active Ext>
Local AS: 1111 Peer AS: 655
Age: 15:02
Task: BGP_655.200.200.200.1+52909
Announcement bits (1): 0-Flow
AS path: 655 I
Communities: traffic-rate:0:99995000
Accepted
Localpref: 100
Router ID: 200.200.200.1

[Thomas Mangin]

Hello,

> Is the rate-limit function in exabgp in bytes or bits? From my testing it appears to be bits/s (99995000 is giving me about 85Mbps), but juniper documentation says the local flow configuration is in bytes.

RFC 5575 states : "The remaining 4 octets carry the rate information in IEEE floating point [ IEEE.754.1985 ] format, units being bytes per second. A traffic-rate of 0 should result on all traffic for the particular flow to be discarded."
So Juniper docs is right to say it should be bytes per second ...

ExaBGP just takes the number you give it, encode it using the python builtin encoding, insert the 4 bytes it into the BGP packet and let the router do its magic with whatever value you gave it :-)
If your configuration says 99995000 and Juniper reports 99995000 then the IEEE encoding / decoding work.

Now, If you test reports that the router is using the value as bits per second, you should raise this issue with Juniper's TAC ..
You could try as well juniper-nsp as quite a few Juniper engineer are lurking there if you have no support contract.

Good luck,

Thomas

[Stoney]

Thanks Thomas for the reply. I will raise it will tac.

I've had issues with rate-limit in the past with J/SRX series, if you set 10Mbps you would only get about 2Mbps, in order for it to work correctly you had to set the burst rate to a certain value (I forget what that was, I think it was a percentage of the rate-limit).

The router I am testing flowspec with though is an MX, which didn't have the above issue... but burst value isn't part of flowspec anyway.

[Stoney]

Hi Thomas,

I've been working with JTAC for over a week now, they finally realized that their documentation was wrong and they have updated their docs (link below used to show in Bps) which now show that their rate-limit value is in bps, not Bps. It sucks that they don't match up to the RFC, but now that I know this I can adjust my settings.

http://www.juniper.net/techpubs/en_US/junos12.1/topics/concept/flow-routes-understanding.html

[Thomas Mangin]

Thank you very much for this follow up email. I can not think of any way for ExaBGP to detect that it is speaking with a broken Juniper and fix the rate, but adding an option under the peer, would it be useful ?

When I go to the IETF in London I will try to find out what Alacatel has implemented and what Cisco is planning and add a wiki page to document this brokenness.

 Thomas

Sent from my iPad

--
You received this message because you are subscribed to the Google Groups "exabgp-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to exabgp-users...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Stoney]

Maybe just a comment in the example file for Juniper only? Would be great to hear about Alcatel and Cisco, so I can send that info back to Juniper ;)  I will check with my inside Cisco peeps and see if they can find out any info as well. I still haven't heard a firm date on when Cisco plans to support flowspec (I just keep hearing sometime in 2014), and I assume it will be ASR only at first.

[Thomas Mangin]

Hello,

I have written https://github.com/Exa-Networks/exabgp/wiki/Flow-Spec-:-_-README-first

I could have a "vendor" option under the peer to fix up this issue I suppose ... but then what when JunOS is fixed ... sigh !

Thomas