IDSM-2 Throughput
Hi,
Do you know what is the througput on an IDSM-2 when in "promiscuous mode"?
thank you.
regards,
jonix
As per the data sheet it is 600 mbps.
http://www.cisco.com/en/US/products/hw/modules/ps2706/products_data_sheet09186a00801e55dd.html
Please rate helpful posts.
Regards
Farrukh
Similar Messages
-
IDSM-2 Throughput in Bypass Mode?
HI,i cisco documentation idsm-2 has 500Mbps throughput in inline mode and 600Mbps throughput in passive.so suppose that our idam-2 is in inline mode,then if we put our idsm-2 in Bypass mode,how much traffic idsm-2 can handle without any inspection?(throughput?)
thanks.The IDSM-2 would only be supported at the same 500Mbps for both inspection and ByPass mode.
There is not a separate rating for ByPass mode.
With that said, the IDSM-2 will do much higher than 500Mbps while in ByPass mode (assuming nothing else happening on the sensor).
But I am not sure how much more since we don't generally test performance while in ByPass mode.
You would not want to plan your network on the ByPass performance capability.
The other reason is that when the sensor goes into ByPass there be something else going on in the sensor.
In the case of a Signature Update there will be signature processing consuming much of the CPU and memory so ByPass will not perform at its top performance. -
IDSM-2 load sharing across two chassis
We are currently putting together a solution that I have come in halfway through just after some assistance in regards to setting up the IDS. We have 2 * 6509 chassis, 2 * IDSM-2 modules.
Scenario 1 - Both IDSM-2 Modules in primary chassis, can load balance traffic to IDS. Primary Chassis failure = no ids.
Scenario 2 - IDSM-2 Module in each chassis, active/standby scenario. Can basically only use one IDSM modules throughput. Chassis failure still have IDS.
At the moment I am leaning towards the first scenario and no IDS if we have a chassis failure. Just wondering if it's possible to load balance in scenario 2.Hi,
I guess it depends on your topology. If your 6509 switches are used as layer 3 switches using HSRP then even if only one 6509 is used as HSRP active for all VLANs and you have two IDSMs in there, you will miss all the traffic that is going through your HSRP standby chassis. For example, outbound traffic of a VLAN may be seen by HSRP Primary's IDSMs, but return traffic could be comming in both directions (HSRP Primary and Secondary 6509s). If you have one IDSM on each 6509s, then you are already using both of them. Please note that IDSM2's throughput is 600 Mbps.
Thank you.
Edward -
IDSM-2, inline and Passive mode in same Module?
Hi,i have a question that it can be strange.in our network we have implemented idsm-2 module in our 6513 Switch in inline mode.without any discution about network design suppose that our network is going beyond IDSM-2 Throughput and then we want to use IDSM-2 for some traffic in Passive mode insted of inline to reduce drop probability in inline mode.i mean before this state we were using idsm-2 data port 1(in vlan pair mode),now can we use data port 2 for this purpus(capturing some traffic on data port 2 for passive operation)? in other word idsm-2 can operate in this way?
i found my answer in idsm-2 document "You can mix sensing modes on IDSM-2. For example, you can configure one data port for promiscuous mode and the other data port for inline VLAN pair mode. But because IDSM-2 only has two data ports and inline mode requires the use of both data ports as a pair, you cannot mix inline mode with either of the other two modes." but something else,for doing such thing suppos that i have sig 2004 configured for inline traffic to deny attacker inline then this action doesnt make any sense for some data in passive mode and suppos that for that kind of traffic which idsm-2 is operating in passive mode i want to just send an alert. so can i use deferent VS for doing this? thanks.
-
Cisco Doc says the IDSM-2's throughput is 600Mbps in promiscuous mode, so what throughput I would get if I just send traffic to one data port.
From the real-world note: We have numerous Cisco IDS devices, from 4215s up through 4250XLs and IDSM-2s. None of them meet their rated numbers, most start dropping packets at 1/3 of their claimed capacity. This is even after several TAC cases and extensive investigation by TAC engineers and internal developers. Maybe if you shut of 90% of signatures you could get there. Don't believe the hype.
-
How many in-line VLAN pairs are supported on IDSM-2
Hi Netpros,
I have a couple of questions and would appreciate your assistance.
1.- Is there any limitation regarding the number of in-line VLAN pairs which can be monitored by the IDSM-2. Using the below version in the cat 6K. I need to monitor about 10 VLAN pairs using in-line mode.
Core 1: Version 12.2(18)SXD7
1 Centralized Forwarding Card WS-F6700-CFC SAL1126STTL 3.1 Ok
2 Centralized Forwarding Card WS-F6700-CFC SAL1121PELM 3.1 Ok
3 Centralized Forwarding Card WS-F6700-CFC SAL1126SXJG 3.1 Ok
4 Centralized Forwarding Card WS-F6700-CFC SAL1105FV2Z 2.1 Ok
5 Policy Feature Card 3 WS-F6K-PFC3B SAD09460517 2.1 Ok
5 MSFC3 Daughterboard WS-SUP720 SAD094608WX 2.3 Ok
6 Policy Feature Card 3 WS-F6K-PFC3B SAL1005C5WC 2.2 Ok
6 MSFC3 Daughterboard WS-SUP720 SAD091300RC 2.7 Ok
7 Centralized Forwarding Card WS-F6700-CFC SAL1134YWA3 4.0 Ok
Core 2: Version 12.2(18)SXF10
3 Centralized Forwarding Card WS-F6700-CFC SAL1049A4BD 2.1 Ok
4 Centralized Forwarding Card WS-F6700-CFC SAL1133XJKG 3.1 Ok
5 Policy Feature Card 3 WS-F6K-PFC3B SAL1133XJZF 2.3 Ok
5 MSFC3 Daughterboard WS-SUP720 SAL1133XMQF 3.0 Ok
9 Centralized Forwarding Card WS-SVC-WISM-1-K9-D SAD125003MC 2.1 Ok
2.- Do I need to create one virtual sensor per in-line VLAN pair ?
Your assistance would be much appreciated.I don;t know if there is an actual number, but I thought I remember the simultaneous number of VLAN pairs supported by the IPS OS was quite high. I'm currently running IDSMs with well over 10 VLANs.
You do not need to create a separate virtual sensor for each VLAN (That would use up your system resources quite quickly, as it is you can expect to get about 6K connections/sec and about 250Mb/s of throughput in a single sensor instance). You would only want a separate virtual sensor if you needed wildly different signature policies on each VLAN that couldn't;t be otherwise handled by Event Action Filters and Overrides.
- Bob -
I would like to configure an IDSM-2 in inline mode, I am having trouble about the deployment, I have a couple of questions;
1. If you configure 2 VLANs (existing) as VLAN pairs does this mean the exist connection between the 2 VLANs is broken?
ie they can only communicate to each other via IPS.
2. Where is the best place to deploy this type of IPS?Hello
1. If configure properly, it will definitely not break any connectivity (its a bump in the wire). Of course if some traffic is denied by any IPS signature itself, that is a different matter. Please see this example for more help:
http://www.cisco.com/en/US/products/sw/secursw/ps2113/products_configuration_example09186a0080876d9f.shtml
2. Inline mode is deployed where you want proactive protection and the the IPS box you have has sufficient throughput and other resources that will allow it to monitor that segment of your network (or multiple segments for that matter..)
Regards
Farrukh -
IDSM-2 gives 500Mbps in IPS mode and 600Mbpgs in IDS mode. Bundling 4 IDSM-2 in single chassis gives 2Gbps performance with Sup 32. But the FWSM provides 5Gbps throughput and the Sup 720 supports 40Gbps switching. What is the disconnect here? How do you design your IDSM-2s to support 5Gbps throughput when you have a single FWSM supporting 5Gbps?
If you exceed the monitoring capability of the sensor, then packets that can not be monitored will be dropped by the sensor.
NOTE: 500Mbps is not an absolute performance number for the sensor. It is a performance level that the sensor has been testeed to be able to handle for specific types of traffic used in the performance test. It is unknown exactly how much traffic the sensor will be able to handle for your network. The IDSM-2 will likely handle AROUND 500 Mbps is many and even most customer networks. However, networks do vary and in some networks it may handle quite a bit less traffic, and in other networks might handle even more.
So the question isn't what will happen if you send more than 500 Mbps, but rather what will happen if you send more of your traffic than what the sensor is able to monitor. And the answer is that any traffic that can not be monitored because of performance limitations will be dropped by the sensor.
The only time packets are forwarded without inspection is if sensorApp has stopped monitoring ALL packets (either a reconfiguration or upgrade is taking place, or the sensorApp process has crashed) AND the auot software bypass functionality has kicked in. In which case ALL packets would be forwarded without analysis. -
Hi,
How many types of signatures need to be enable while IDSM-2 deploying in Data Center behind FWSM?
ThanksThank you for your response!!!
We are planning to deploy IDSM-2 at client site. Customer is asking few things:
1. If we install it in promiscuous mode then what will be the best utilization and design for this module,
how to configure it
2. If we install it in inline mode then what will be the best utilization and design for this module, how to configure it.
Let me to explain you few things:
They have multiple vlans in Cisco 6509 Switch and the servers are placed behind the firewall (FWSM), they want to inspect all vlans traffic forwarding towards server farm.
To fulfill their requirements, we recommend them to install IDSM-2 in promiscuous mode, as this module has less throughput and also advise them to keep up to date the latest signatures in IDSM-2. On our recommendation, they want some experts to weight it or advise if some other best practices design to install IDSM-2 in their network.
I really appreciate if you add your valuable inputs in this regard, as we have to deploy this module in coming weekend. Your early response will be highly appreciated.
Thanks in advance! -
I have briged the FWSM VLANs ( named DMZ,DMZ-BRIDGE) via the IDSM. However, on the 'show failover' on FWSM the server VLAN shows as 'No Link/Unknown'. Is it because there is no IP assigned. Is it the right status/configuration. Do I need to assign an IP to the bridged VLAN. Please assist.
This host: Primary - Active
Interface DMZ-BRIDGE (0.0.0.0): No Link (Not-Monitored)
Other host: Secondary - Standby Ready
Interface DMZ-BRIDGE (0.0.0.0): Unknown (Not-Monitored)In most of the data centers IDSM could be a bottleneck due to its 600Mbps(Promiscuous) & 500Mbps(inline) limitation.
If its placed inline and has no capacity to process new packets then like any other inline device it will start dropping packets.
In your case you need to know the throughput needed between segments.
If you are not sure then dont use IDSM in inline mode.
In promiscouous mode, using VACL you can define traffic to be examined by Sensor using ACLs.
Although IPS exist at the WAN/Internet Layer, its still desirable to have IPS/IDS at service layer to protect resources from getting compromised.
When we say bridging vlans using IDSM then we mean IDSM in inline mode. In case of ACE if you want to use IDSM inline then you will bridge server vlan interface of ACE & Actual Server Vlans.
Vlan X (client vlan) ACE (Server Vlan)Vlan Y IDSM (Real Server Vlan) Vlan Z
In the above example you will bridge vlan Y & Z.Since you are bridging the two vlans, Same IP address space will be used in the two Vlans.
Syed -
We have cat 6509 switch with FWSM, IDSM-2, NAM modules. Customer wants all the internal VLAN's to be monitored by IDSM in inline mode. Customer has around 400 VLANS in datacenter and wants to monitor all communications between VLAN's. How do I monitor all VLAN's when IDSM has 2 data ports and can only span 255 vlan groups per port?
Please suggest!
VinodI don't know if anyone is still watching this or not but that's a lot of VLANs to go through a (single?) IDSM. Technically you should be able to do it by splitting the VLAN pairs across the two data ports (i.e. vlan 2-200,1002-1200 on DP 1 and vlan 300-500,1300-1500 on DP 2). Considering each IDSM only has a throuput of 500MBps when deep scanning, you're going to potentially be limiting your throughput considerably if you do this.
-
IDSM inspection load on 100%
Now I have IDSM with 100% inspection load on busy hour and followed by missed packets percentage increasing at that time.
The IDSM interface is setting as promiscuous interface
Is it means my network throughput will limited by IDSM max inspection load / throughput which is 600Mbps?
Thank you
Marcel.No, the throughput wil not be limited in the network when you are in promiscous mode. But your visibility for attacks is highly limited.
You should configure your span/capture settings on the 6k5 to only send as much traffic to the IDSM as this module can handle.
Just remember that the IDSM-2 is a ten years old system and can't catch up with the typical traffic-demand we are having nowadays.
It's time to change the IDSM against an actual external sensor. -
What happens when IDSM-2 performance is exceeded
Hi,
we have IDSM-2 with about 20 inline vlan pairs in test environment. What happens to inline traffic when we exceed declared throughput of 500 Mbps? Is traffic dropped or is it forwarded without IPS inspection.If you exceed the monitoring capability of the sensor, then packets that can not be monitored will be dropped by the sensor.
NOTE: 500Mbps is not an absolute performance number for the sensor. It is a performance level that the sensor has been testeed to be able to handle for specific types of traffic used in the performance test. It is unknown exactly how much traffic the sensor will be able to handle for your network. The IDSM-2 will likely handle AROUND 500 Mbps is many and even most customer networks. However, networks do vary and in some networks it may handle quite a bit less traffic, and in other networks might handle even more.
So the question isn't what will happen if you send more than 500 Mbps, but rather what will happen if you send more of your traffic than what the sensor is able to monitor. And the answer is that any traffic that can not be monitored because of performance limitations will be dropped by the sensor.
The only time packets are forwarded without inspection is if sensorApp has stopped monitoring ALL packets (either a reconfiguration or upgrade is taking place, or the sensorApp process has crashed) AND the auot software bypass functionality has kicked in. In which case ALL packets would be forwarded without analysis. -
AP1231G-A-K9 access points - very slow throughput - Is TKIP the issue?
I recently setup our small office network using the following setup:
Cablemodem <--> router <--> 1231AP(role root bridge with wireless clients) <-> 1231AP(role non-root bridge with wireless clients)
Code on both APs: 12.3(8)JEE
Office network generally has less than 3 wireless clients connected at any one time to either AP.
AP's are a mere 50' apart; clients are all less than 30' from either AP; they all show excellent signal and connected at 54mbps signaling rates.
All is/has been working very well & very stable with the exception of speed. We have business class service from RR, approx 25mbps dl, 2mbps ul. Any hardwired client to the router switch ports are able to download at speeds averaging 23mbps. Any wireless client connected to either AP is never able to exceed download speeds of 5mbps. With no other wireless clients connected except my one test client, I was not able to exceed 5mbps throughput from either AP that I connected to.
I can confirm that the ethernet connection between the router and root bridge is up at 100mbps-FD and not showing any errors:
ap#sh interfaces FastEthernet0
FastEthernet0 is up, line protocol is up
Hardware is PowerPC405GP Ethernet, address is 0013.60cf.bb29 (bia 0013.60cf.bb29)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Full-duplex, 100Mb/s, MII
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/160/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 5000 bits/sec, 0 packets/sec
5 minute output rate 1000 bits/sec, 1 packets/sec
8054605 packets input, 3141009145 bytes
Received 46005 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
4076106 packets output, 411952731 bytes, 0 underruns
0 output errors, 0 collisions, 4 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Wandering thru the cli on either AP shows that all wireless clients are indeed connected at 54mbps to their respective AP and the two AP's are connected happily at 54mbps signaling:
Address : 0013.1a37.b3e0 Name : ap
IP Address : 192.168.0.120 Interface : Dot11Radio 0
Device : 11g-bridge Software Version : 12.3
CCX Version : NONE
State : Assoc Parent : Our Parent
SSID : Tsunami
VLAN : 0
Hops to Infra : 0 Association Id : 44
Tunnel Address : 0.0.0.0
Key Mgmt type : WPA PSK Encryption : TKIP
Current Rate : 54.0 Capability : WMM ShortHdr ShortSlot
Supported Rates : 1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
Voice Rates : disabled
Signal Strength : -51 dBm Connected for : 75169 seconds
Signal to Noise : 26 dB Activity Timeout : 14 seconds
Power-save : Off Last Activity : 1 seconds ago
Apsd DE AC(s) : NONE
Packets Input : 1050695 Packets Output : 296536
Bytes Input : 474651248 Bytes Output : 96734573
Duplicates Rcvd : 0 Data Retries : 63646
Decrypt Failed : 0 RTS Retries : 0
MIC Failed : 0 MIC Missing : 0
Packets Redirected: 0 Redirect Filtered: 0
Here is a config snippet from the AP non-root bridge with wireless clients:
dot11 ssid Tsunami
authentication open
authentication key-management wpa
guest-mode
infrastructure-ssid optional
wpa-psk ascii 7 (snipped)
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers tkip
ssid Tsunami
speed basic-1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role non-root bridge wireless-clients
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
bridge-group 1 spanning-disabled
interface BVI1
ip address dhcp client-id FastEthernet0
no ip route-cache
bridge 1 route ip
(The AP root-bridge with wireless clients config is identical to this config with the exception of the station-role and a static IP on the BVI1 interface.)
Are these very slow thoughput speeds normal of this hardware combination?
I did much searching/googling and found claims that by eliminating TKIP it almost doubles the actual wireless speeds our clients can obtain. Is there any truth to this?
Any suggestions or recommendations without changing hardware would be very welcome.
Thanks in Advance!
D.
=============Ok, thanks for the explanation - I understand. But even at a 22mbps signaling rate shouldn't I be seeing throughputs greater than 5-5.5mbps especially since this location is literally 100% free of any outside interference and the interfaces definitely show the clients and non-root bridge (when connected) all being at the highest rate of 54mbps? I tried even in the same room, approximately 40' away, total line of sight, no obstructions, between my laptop and the root AP.
I disconnected the non-root bridge and connected directly to the root bridge during my testing. I was still only able to achieve approx 5.5mbps download. Adding back in the non-root bridge and re-connecting to it I notice slightly lower throughput, approx 5mbps. During testing, my laptop was the only device connected to the network, all other clients were shut off.
Here are the int stats (I've never reset the counters):
Root Bridge:
RATE 1.0 Mbps
Rx Packets: 2178725 / 49 Tx Packets: 39 / 0
Rx Bytes: 335124036 /7595 Tx Bytes: 4965 / 0
RTS Retries: 61 / 0 Data Retries: 5 / 0
Non-Root-Bridge:
RATE 1.0 Mbps
Rx Packets: 2323120 / 50 Tx Packets: 141 / 0
Rx Bytes: 336455923 /7595 Tx Bytes: 17869 / 0
RTS Retries: 2 / 0 Data Retries: 56 / 0
All the other rates, 2-12mbps show single or double digit packet/byte counts until I get to the 36mbps section of each interface:
ap#sh int Dot11Radio0 stati
DOT11 Statistics (Cumulative Total/Last 5 Seconds):
(snipped for brevity)
Root Bridge:
RATE 36.0 Mbps
Rx Packets: 915395 / 1 Tx Packets: 2345589 / 9
Rx Bytes: 93420936 / 70 Tx Bytes: 3370791285 / 874
RTS Retries: 0 / 0 Data Retries: 573981 / 4
RATE 48.0 Mbps
Rx Packets: 2163192 / 2 Tx Packets: 216861 / 0
Rx Bytes: 222455730 / 404 Tx Bytes: 182817967 / 0
RTS Retries: 0 / 0 Data Retries: 106808 / 0
RATE 54.0 Mbps
Rx Packets: 987986 / 0 Tx Packets: 168923 / 0
Rx Bytes: 190467269 / 0 Tx Bytes: 61665042 / 0
RTS Retries: 0 / 0 Data Retries: 34424 / 0
Non-Root Bridge:
RATE 36.0 Mbps
Rx Packets: 2368679 / 0 Tx Packets: 965419 / 0
Rx Bytes: 3396819830 / 0 Tx Bytes: 90880825 / 0
RTS Retries: 0 / 0 Data Retries: 242686 / 0
RATE 48.0 Mbps
Rx Packets: 341870 / 0 Tx Packets: 2156282 / 1
Rx Bytes: 216497093 / 0 Tx Bytes: 215775536 / 210
RTS Retries: 0 / 0 Data Retries: 478619 / 0
RATE 54.0 Mbps
Rx Packets: 1469926 / 15 Tx Packets: 2529678 / 15
Rx Bytes: 411722698 /1122 Tx Bytes: 1366306113 /5159
RTS Retries: 0 / 0 Data Retries: 198532 / 0
I will try disabling the rates below 12mbps and re-test.
I would like to try disabling all encryption and try as well.
Do you know if the AP's will associate if there is zero encryption? -
A question very similar to mine exists here.
I have a SOFS cluster (3 hosts). I connected each without nic teaming at first and later tested with nic teaming. I'm using a single 10GbE Netgear M7100-24X switch. The CSV is configured as a 2-way mirror through storage space using a SAS JBOD with
24 disks. Each host is configured the same way with 32 GB of RAM. 6 GB is set for CSV cache.
I ran ntttcp test (v5.28) with 8 threads. Sending to the SOFS host, I get over 1100 MB/s throughput. Receiving from the SOFS, I get just under 680 MB/s throughput. So the switch looks to be working fine.
When using LAN Speed Test (Lite), connections directly to the file share folders (\\host#\c$\ClusterStorage\Volume1\Shares\folder) for a 200MB file for each server averages to about 700 Mbps write and 2000 Mbps read. Connection to the cluster role (\\sofs\folder),
results in 90 Mbps write and 2000 Mbps read. However, after waiting for a minute for it to start running, the speed test starts and pauses repetitively. I know this doesn't mean much because it isn't testing transfers from SMB to SMB.
Since I can't set up another SMB to test SMB to SMB transfer, I'm jumping straight to Hyper-V. In VMM, I added SOFS file share folder to an existing vm cluster. After that, I migrated a vm to one of the hosts in the cluster with high availability checked
and saw that it indeed used the \\sofs\folder.
Using LAN Speed Test (Lite) on that vm and back to that particular vm host, I'm getting under 90 Mbps write and 340 Mbps read. If you recall the earlier results directly to \\sofs\folder, the write speed is similar to just regular file transfer speed, but
the read speed is 6 times lower. Sending with ntttcp, I'm getting an average of 11 MB/s throughput, which does explain the 90 Mbps write. And receiving from the host, I'm getting an average of 42 MB/s throughput, which also explains the 340 Mbps read speed. But
another vm hosted by the same server without SOFS is giving me 350 MB/s sending and 360 MB/s receiving to and from that host respectively. Although way faster, this does seem a little bit slower. I then ran Passmark Network Test to be thorough. Max speed
of the vm using SOFS is 100 Mbps sending and 330 Mbps receiving. The vm without SOFS is 7500 Mbps sending and 6000 Mbps receiving. I don't know why ntttcp differs from Passmark this much. (Maybe ntttcp not as optimized for 10GbE?)
But disregarding discrepancies on the results for the vm without SOFS, it is still clear that the vm with SOFS as storage is way slower. To rule out nic teaming as the solution to my problems, I've set up nic teaming (switch independent and dynamic) to all
the SOFS hosts. I didn't get much difference in the results. As I do not have another switch, I don't think nic teaming helped with the load balancing. And I haven't set up link aggregation (MLAG) on the switch either.
Is this the speeds that I should be getting, or are there other optimizations or configurations you can suggest? I'll be honest, a single vm on SOFS doesn't lag very much if at all despite its awful throughput I'm currently getting. What I'm scared of is
if I put 50 vms and have SQL Server run off the SOFS.I'm using normal 10 GbE NIC with just RSS; I should have mentioned that I'm only using Intel X520-T2 nics.
As for getting 7500 Mbps throughput on the VM host without using SOFS, let me clarify. On host A, I have two virtual machines. One VM is set up to use SOFS and HA, the other one is just on host A itself. The VM on SOFS is giving me 90
Mbps write and 340 Mbps read. And the VM stored on the host itself is giving me 7500 Mbps write
and 6000 Mbps reading. BTW, typically I get better read speeds than writes, it might be the day and hour. Earlier today when I reran the benchmarks, it was 7300/7500 Mbps write/read. The VM with the SOFS is still the same however.
I was told before that we don't need RDMA at a Microsoft conference, but now I think it's only true for a lab environments... The company I work for does not have
the budget to buy RNIC and SFP+ switches for now.
I'm going to try to implement these
solutions first. I currently only using a single VNIC. Give me a day or two.
What I'm currently wondering about is that the DNS servers on the network are not on the 10 GbE network. I'm wondering if the data is staying on the 10 GbE network and not going out to the 1 GbE network first. This is a total guess.
Maybe you are looking for
-
Unable to Open a New Browser Window
I have a couple users who are having trouble logging in to Discoverer on new PCs. They are using Internet Explorerer 8. They are able to get to the login screen, but when the hit connect (or Go) they get an error: "Unable to open a new browser window
-
P205D-S7802 Sound troubles in XP
For various reasons I had to downgrade from vista to xp a few months ago on my P205D-S7802, and have not been able to use sound since. The system says no sound card is installed. I don't recall everything I went through installing xp a few months a
-
Hi , Please give me the solution how to review customere open Item,payment analysis report . Thanks, Miku.
-
I am using the following commands. RMAN> sql "alter session set nls_date_format=''dd-mon-yyyy HH24:MI:SS''"; 2> report unrecoverable database; 3> report need backup days 2 database; 4> list backup; 5> EXIT; BS Key Type LV Size Device Type Elapsed Tim
-
HT1923 Itunes sync with Windows 8
Having a hard time syncing my Iphone 4S with windows 8. Any suggestions?