====== Hardware requirements and performance======
{{indexmenu_n>2}}
===== Minimum Requirements =====
SSG software runs on general-purpose x86 servers that are installed in a 19-inch rack and have redundant AC/DC power and cooling fans. Due to the high degree of code optimization and integration with hardware, there are some special requirements:
The CPU and RAM parameters are determined according to the required bandwidth. We advise you to look through the [[en:dpi:dpi_brief:dpi_requirements#recommended_requirements|Recommended Requirements]] and agree on the choice of software server with VAS EXPERTS's representatives or our partners to install the software.
| CPU | **One CPU** supporting **SSE 4.2** staring from [[http://en.wikipedia.org/wiki/Nehalem_(microarchitecture)|Intel Nehalem]] and [[https://en.wikipedia.org/wiki/Zen_2|AMD EPYC Zen2]] with **4 or more processor cores**, **2.5 Ghz clockspeed** and above**.\\ **!SSG only works with one processor! |
| RAM | Not less than 8Gb, it is necessary to install memory modules in all processor channels on the motherboard |
| SSD Disks | To host the OS and SSG software, it is necessary to use 2 disks with a capacity of 256GB or more, combined in RAID 1 (mirror). It is necessary to use a hardware RAID controller. NVMe SSD disks (in M.2, U.2 form factor or PCI Express expansion cards) are a priority. If the platform does not support this type of media, we recommend using SATA/SAS SSD (DWPD>=1) instead of HDDs |
| Number of network ports | At least **3 ports are required**: **one** for the remote management using SSH (any kind of chipset), **the two** other to process network traffic ([[https://core.dpdk.org/supported/nics/|network cards with DPDK support]]) |
| Supported network cards | It is recommended to use **only tested cards** on **Intel** chipsets ((if your card is not on the tested list, software adaptation, development, and additional testing will be required)) with 2, 4, or 6 ports ((a specific model list is not provided, as there is a very large selection of manufacturers for these cards: from Intel itself to branded options like Huawei, HP, Dell, Silicom, Advantech, Lanner, Supermicro, Silicom, and dozens of others, as well as built-in cards on motherboards or as part of SOC)). The most popular models: \\ **1GbE interfaces:** \\ - e1000 (82540, 82545, 82546) \\ - e1000e (82571, 82572, 82573, 82574, 82583, ICH8, ICH9, ICH10, PCH, PCH2, I217, I218, I219) \\ - igb (82573, 82576, 82580, I210, I211, I350, I354, DH89xx) \\ - igc (I225) \\ \\ **10GbE interfaces:** \\ - ixgbe (82598, 82599, X520, X540, X550) \\ - i40e (X710, XL710, X722, XXV710) \\ - mlx5 \\ \\ **25GbE interfaces:** \\ - i40e (XXV710) \\ - mlx5 \\ \\ **Many server platforms have bandwidth limitations for 40G/100G ports, we recommend purchasing equipment from our partners for these installations** \\ \\ **40GbE interfaces:** (the x8 PCIe 3.0 card has a maximum bandwidth of 64Gbps. Thus, a 2x40GbE port card can handle no more than 32Gbps in + 32Gbps out in inline mode. In on-stick mode, a 2x40GbE port card can handle no more than 64Gbps in+out across both ports. To avoid these limitations, it is recommended to use only one port on a two-port 40GbE card \\ - i40e (X710, XL710, X722, XXV710) \\ \\ **100GbE interfaces, a motherboard with PCIe 4.0 x16 support is required:** A 2x100GbE port card can handle no more than 50Gbps in + 50Gbps out per port in inline mode. In on-stick mode, a 2x100GbE port card can handle no more than 128Gbps in+out across both ports. To avoid these limitations, it is recommended to use only one port on a two-port 100GbE card \\ - mlx5 (Mellanox ConnectX-4, ConnectX-5 (MCX516A-CDAT), ConnectX-6) \\ - ice (Intel E810, E810-CQDA2) - //make sure the latest firmware is installed on the Intel card: earlier firmware versions did not support GRE tunnels // \\ **For BRAS PPPoE, only 100G Intel E810 cards should be used (Mellanox cards do not support RSS for PPPoE traffic)** |
| Bypass support | Bypass is supported for Silicom cards [[https://www.silicom-usa.com/pr/server-adapters/networking-bypass-adapters/100-gigabit-ethernet-bypass-networking-server-adapters/p4cg2bpi81-bypass-server-adapter/|100GbE]], [[https://www.silicom-usa.com/pr/server-adapters/networking-bypass-adapters/40-gigabit-ethernet-bypass-networking-server-adapters/pe340g2bpi71-server-adapter/|40GbE]], [[http://www.silicom-usa.com/pr/server-adapters/networking-bypass-adapters/10-gigabit-ethernet-bypass-networking-server-adapters/pe210g2bpi9-ethernet-bypass/|10GbE]] and [[http://www.silicom-usa.com/cats/server-adapters/networking-bypass-adapters/gigabit-ethernet-bypass-networking-server-adapters/|1GbE]] |
SSG platform operates only under control of the [[en:veos:installation|VEOS (VAS Experts Operating System)]]
===== Recommended Requirements =====
Server performance is determined based on peak traffic volume value on the channel. When choosing a CPU, RAM, it is necessary to take into account that the calculation is presented for asymmetric traffic. This means that when installing "in-line" for peak incoming traffic of 12 Gbps (Max IN traffic), you need to purchase a SSG-20 license and a platform with parameters: 1 CPU 16 cores and more, RAM 64GB and more.
{{ :en:dpi:dpi_components:platform:dpi_requirements:calculator.xlsx |Equipment calculation depending on traffic and functionality}}
^ Total traffic (in+out) \\ Gbps ^ Max incoming traffic \\ Gbps ^ Stingray SG Version ^ Number of cores per CPU\\ with a frequency of 2.5 GHz ^ RAM, GB \\ necessary to install memory modules in all processor channels on the motherboard ^ Minimal number \\ of physical ports ^ Number of Public IPs\\ in a NAT pool ^ Packet per second in Million \\ base CPU frequency from 2,5GHz ^
| 2 | 1,5 | **SSG-2** | 4 | 12 | 4x1G, 2x10G | 100 | 1M pps |
| 4 | 3 | **SSG-4** | 4 | 16 | 6x1G, 2x10G | 500 | 1,5M pps |
| 6 | 5 | **SSG-6** | 6 | 32 | 2x10G | 1000 | 3-4M pps |
| 10 | 8 | **SSG-10** | 12 | 48 | 2x10G | 2000 | 6M pps |
| 20 | 15 | **SSG-20** | 16 | 64 | 4x10G | 3000 | 9M pps |
| 40 | 30 | **SSG-40** | 18 [[https://ark.intel.com/content/www/us/en/ark/products/199352/intel-xeon-gold-6242r-processor-35-75m-cache-3-10-ghz.html|Intel 6242R]] | 96 | 6x10G, 4x25G, 4x40G, 2x100G | 4000 | 12M pps |
| 60 | 45 | **SSG-60** | 28 [[https://ark.intel.com/content/www/us/en/ark/products/199350/intel-xeon-gold-6258r-processor-38-5m-cache-2-70-ghz.html|Intel 6258R]], [[https://ark.intel.com/content/www/us/en/ark/products/215285/intel-xeon-gold-5320-processor-39m-cache-2-20-ghz.html|Intel 5320]], \\ 32 [[https://www.amd.com/en/products/cpu/amd-epyc-7502p|AMD 7502P]] | 128 | 10x10G, 4x25G, 4x40G, 2x100G | 5000 | 15M pps |
| 80 | 60 | **SSG-80** | 64 [[https://www.amd.com/en/products/cpu/amd-epyc-7702p|AMD 7702P]] | 160 | 12x10G, 6x25G, 6x40G, 4x100G | 6000 | 18M pps |
| 100 | 75 | **SSG-100** | 64 [[https://www.amd.com/en/products/cpu/amd-epyc-7702p|AMD 7702P]] | 192 | 20x10G, 8x25G, 8x40G, 4x100G | 7000 | 20M pps |
| 120 | 90 | **SSG-120** | 64 [[https://www.amd.com/en/products/cpu/amd-epyc-9534|AMD 9534]] | 256 | 20x10G, 8x25G, 8x40G, 4x100G | 10000 | 22M pps |
| 160 | 120 | **SSG-160** | 96 [[https://www.amd.com/en/products/cpu/amd-epyc-9654|AMD 9654]] | 384 | 24x10G, 16x25G, 10x40G, 6x100G | 12000 | 30M pps |
| 240 | 180 | **SSG-240** | 128 [[https://www.amd.com/en/products/cpu/amd-epyc-9754|AMD 9654]] | 512 | 16x25G, 14x40G, 8x100G | 15000 | 45M pps |
Important when selecting a server:\\
1.**The Stingray SG uses only one processor** because of the impact on performance of [[https://en.wikipedia.org/wiki/Non-uniform_memory_access| NUMA]] for dual-processor configurations.\\
2.**When choosing a CPU, it is necessary to take into account the base frequency **, the higher the frequency, the greater the performance.\\
3.When using **Stingray SG as L2 BRAS (DHCP/ARP/PPPoE authorization)** it is necessary to take into account the additional load associated with the analysis of each packet by additional parameters. This leads to an increase in CPU power consumption. **In such cases it is recommended to increase the number of CPU cores by 30%.** For a SSG-40 license implement the SSG-60 platform.\\
4.**The use of 100G** interfaces is possible only when the platform is delivered through a partner in order to control the server specification.\\
5.**Using the option [[en:dpi:dpi_options:opt_shaping|]]** involves additional internal locks, which reduces system performance to 40G of total traffic, regardless of the number of cores.\\
6.**Every 256 public IP addresses in NAT Pool (/24 subnet) consume 5GB of RAM. /23 = 10GB, /22 = 20GB, /21 = 40GB, /20 = 80GB, /19 = 160GB.**
===== Requirements for Installation on a Virtual Machine =====
SSG software can be installed on a Virtual Machine (VM). \\
VM has the following requirements:
* Hypervisor: VMware, KVM
* CPU of at least 4 cores with a frequency of 2.5 GHz
* RAM of 8 Gb and more
* Storage space of 20 Gb and more
Check VM preparation for test:
OS CentOS: **cat /etc/redhat-release**
CentOS Linux release 8.5.2111 (Core)
OS VEOS: **cat /etc/*releas* ** or **cat /etc/system-release**
VEOS release 8.7 (Sakhalin)
\\ \\
RAM: **cat /proc/meminfo**
MemTotal: 16254744 kB
Checking whether all cores belong to one CPU: **grep "physical id" /proc/cpuinfo |sort -u**
physical id : 0
Number of cores: **grep "cores" /proc/cpuinfo |sort -u**
cpu cores : 4
There must be at least three interfaces (two for traffic and one for administration): **lspci | grep Ethernet**
0b:00.0 Ethernet controller: VMware VMXNET3 Ethernet Controller (rev 01)
13:00.0 Ethernet controller: VMware VMXNET3 Ethernet Controller (rev 01)
1b:00.0 Ethernet controller: VMware VMXNET3 Ethernet Controller (rev 01)
For SSG to work in a virtual environment, in the Security settings of virtual networks in which in_dev and out_dev are composed, you need to enable:
* Promiscuous mode Accept
* MAC address changes Accept
* Forged transmits Accept
===== System requirements for Soft-Router =====
Depending on the amount of routing information, an additional 4-8 GB of memory will be required.