Number of TCP connections on equipment

Discussion in 'Cisco' started by JF Mezei, Jan 14, 2009.

  1. JF Mezei

    JF Mezei Guest

    General question:

    From an ISP's point of view, what equipment would be impacted by how
    many TCP sessions customers have? (For instance, having 100 sessions in
    a BitTorrent application versus 1 session in an HTTP download.)

    Obviously, NAT equipment would be aware of TCP sessions, and so would
    DPI/throttling equipment. Is NAT commonly used in ISP premises?

    But in the normal course of an ISP's network, what equipment would
    notice how many TCP sessions someone would have? Aren't routers totally
    agnostic on this and just route individual packets, totally unaware of
    whether they belong to 1 or 100 sessions?

    Would it be correct to state that if all customers have 100 TCP
    sessions, versus just 1 TCP session, that route caches on routers would
    be much more loaded since they would remember many more routes to each
    of those destination IPs?

    Any other impacts on this?
     
    JF Mezei, Jan 14, 2009
    #1

  2. JF Mezei

    Stephen Guest

    Anything that keeps track of sessions or content - the classic one
    that chokes on sessions used to be a firewall.

    Note your home router is probably doing NAT - which keeps per-session
    state info.

    Proxy cache, or something like the Phorm servers if they ever get
    deployed.

    Even there, many such systems only look at specific protocols.
    DPI needs to keep sessions, since it looks at the data, but often
    throttling can be a lot cruder - for example, just keep track of the
    rate of BitTorrent traffic, irrespective of how many sessions are
    involved.

    Agreed - routers just worry about where you send IP packets.

    Depends on the router architecture, but modern high-end routers do not
    tend to have route-caching style designs any more because of thrashing
    when the cache churn is too high - try Google for CEF and Cisco, for
    example.

    The end points for each TCP session carry state, so there would be
    more sessions at your PC and the associated server.

    I suspect that you may get higher throughput in some circumstances -
    an individual TCP session can limit performance. Certainly can happen
    with old TCP stacks or badly tuned devices at the end of the
    connection.

    And lots of TCP connections are likely to cause a bit more traffic
    overhead, since at minimum you have to open and close each one and
    some TCP "stuff" happens on idle connections - whether this matters
    will depend on the connection lifetime and other parameters.
     
    Stephen, Jan 14, 2009
    #2

  3. JF Mezei

    Thrill5 Guest

    Every high end router does "route caching" which is nothing more than a
    mechanism to populate a CAM (Content Addressable Memory) table. The routing
    protocol creates a routing table in the CPU memory, and route-caching is a
    mechanism to populate the CAM. When the route is in the CAM, no CPU cycles
    are required to route the packet. If the route is NOT in CAM the CPU is
    interrupted which then must make a decision to determine what to do with the
    packet. On Cisco, the route-caching mechanism currently used on all platforms
    is CEF (Cisco Express Forwarding). If you disable CEF on an interface (or
    disable CEF globally), the routing throughput is decreased by a significant
    factor (anywhere from 80% to 99%).

    Routing on any platform does not care about TCP sessions. Routers only
    look at the IP part of the packet, it doesn't know or care what is in the
    payload part of the packet. It could be a TCP, UDP, or even another IP
    payload part of the packet. It could be a TCP, UDP, or even another IP
    packet.
     
    Thrill5, Jan 15, 2009
    #3
  4. JF Mezei

    Sam Wilson Guest

    Let me add a couple of further caveats - if you're using NetFlow or
    anything else like it then the router will be keeping track of flows
    between hosts, including protocol and port number; also if there is any
    kind of load balancing going on there may be a cache involving MAC or IP
    addresses or L4 port numbers.

    Sam
     
    Sam Wilson, Jan 15, 2009
    #4
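Added example, not part of any poster's message: a small Python model of the state each kind of device in this thread would hold for the same subscriber traffic, comparing a per-flow table (the NAT, firewall and NetFlow case), a demand-filled per-destination cache, and a prebuilt destination-prefix table. The addresses, ports, routing table and function names are constructed for illustration, only one direction of traffic is modelled, and real flow keys (NetFlow in particular) carry more fields than the five used here.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src dst proto sport dport")

# Constructed routing table (documentation prefixes); not data from the thread.
ROUTES = [ipaddress.ip_network(p)
          for p in ("0.0.0.0/0", "198.51.100.0/24", "203.0.113.0/24")]

def longest_match(dst):
    """Destination-only lookup: the only thing plain IP forwarding needs."""
    addr = ipaddress.ip_address(dst)
    return max((n for n in ROUTES if addr in n), key=lambda n: n.prefixlen)

def state_footprint(packets):
    """Count the entries each kind of device would hold for this traffic."""
    flows, dest_cache, prefixes = set(), set(), set()
    for p in packets:
        flows.add((p.src, p.dst, p.proto, p.sport, p.dport))  # per-flow key
        dest_cache.add(p.dst)               # demand-filled per-destination cache
        prefixes.add(longest_match(p.dst))  # prebuilt table: lookup adds nothing
    return {"flow_entries": len(flows),
            "dest_cache_entries": len(dest_cache),
            "prefixes_used": len(prefixes),
            "forwarding_table_size": len(ROUTES)}

SUB = "192.0.2.10"  # constructed subscriber address

def one_http_download(npkts=50):
    return [Packet(SUB, "198.51.100.5", "tcp", 40000, 80)] * npkts

def hundred_sessions_one_server(npkts=5):
    return [Packet(SUB, "198.51.100.5", "tcp", 40000 + i, 80)
            for i in range(100) for _ in range(npkts)]

def hundred_torrent_peers(npkts=5):
    return [Packet(SUB, f"203.0.113.{i + 1}", "tcp", 40000 + i, 6881)
            for i in range(100) for _ in range(npkts)]

if __name__ == "__main__":
    for name, gen in (("1 HTTP session", one_http_download),
                      ("100 sessions, 1 server", hundred_sessions_one_server),
                      ("100 sessions, 100 peers", hundred_torrent_peers)):
        print(f"{name:26} {state_footprint(gen())}")
```

The per-flow count grows with the number of sessions, the per-destination cache grows only with the number of distinct remote hosts, and the prebuilt table stays the same size whatever the traffic looks like.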