Regular Member
Posts: 461
Registered: ‎05-29-2014
Kudos: 94
Solutions: 7

uCRM Netflow vs Router Hardware Offloading

I'm curious to hear people's general thoughts on this one. I've found that because netflow is enabled on my gateway router, I can't offload the processing to HW for NAT/forwarding. I'm running an ER-Infinity and I'm still under 1gbit total throughput for my fiber backhaul, which puts the CPU around the 20% mark during busy times, and my RAM is at like 2% usage.

I assumed since it was doing all CPU-based routing, I could use my CPU thresholds as the indicator for capacity. I also heard some folks were doing a mirrored port and putting the monitor on that port, which might allow hardware offload for the actual traffic.

Anyone have thoughts on this or found a situation they like on their main routers to get the uCRM stats but also use HW offload?

Established Member
Posts: 1,615
Registered: ‎03-23-2013
Kudos: 235
Solutions: 53

Re: uCRM Netflow vs Router Hardware Offloading

Well, we just upgraded from an ER-4 to an Infinity because our 300+ throughput was killing the ER-4 with Netflow turned on. I was just in the process of getting Netflow going when I had a small disaster.

I was really planning on the Infinity being able to cover this for quite some time, but if and when it didn't, we have an ES-24 directly downstream of the Infinity. I figured I would try setting up a port mirror on its upstream port and direct that to an ER-4 or similar to do Netflow.

I don't know if that is a completely valid idea yet or not.

Regular Member
Posts: 461
Registered: ‎05-29-2014
Kudos: 94
Solutions: 7

Re: uCRM Netflow vs Router Hardware Offloading

Ouch, that was a bummer on the other thread. Watch out for HW offload, I'm not sure which hardware the ER-4 is based on, but you may have settings enabled that the Infinity can't use. It would be painful, but I'd be tempted to wipe the config and build it via Infinity as opposed to trying to restore one from the ER-4.

That's an interesting idea, doing a port mirror to another router for the checking. I have a spare but I have it offline (in case of power surges and whatnot). If you were sending all the traffic to an empty 10g Infinity port, couldn't the monitor just check that port as easily as getting it from another device?

Established Member
Posts: 1,615
Registered: ‎03-23-2013
Kudos: 235
Solutions: 53

Re: uCRM Netflow vs Router Hardware Offloading

I don't think there are any differences besides port counts. But I could be wrong. Waiting on someone from UBNT to hit the forum and give me an answer.

I tried restoring the config this morning to the old working config and it didn't help.

I don't quite follow the last part of your last post? The reason to mirror a port on the switch and send it to a second router dedicated to just doing Netflow is so you don't lose hardware offload on your primary router. The hope is that without doing any routing, NAT, etc., just Netflow, that secondary router could handle a lot more traffic as a Netflow generator before it ran out of CPU.

I haven't tried it yet, so I have no experience.

Regular Member
Posts: 461
Registered: ‎05-29-2014
Kudos: 94
Solutions: 7

Re: uCRM Netflow vs Router Hardware Offloading

Yeah, I get the gist, but I'm not sure it actually needs to be sent to another device. Just by sending it to an empty port, theoretically we should be able to put the netflow tracker on the mirrored port, which would let the other ports on the router operate with offloading. That way there's not another device in play for the configs and overall failover.

I.e., on mine, port ETH5 is empty. If I mirrored my incoming/outgoing ports to ETH5, I should be able to put netflow on it and remove it from all other ports. Theoretically I'd think that would let me run offload for ETH0-4, 6-7. I haven't tried yet though, maybe it's all or none.

Established Member
Posts: 1,615
Registered: ‎03-23-2013
Kudos: 235
Solutions: 53

Re: uCRM Netflow vs Router Hardware Offloading

Hardware offload is not per port. It's per the entire device.
