Understanding SRX Series Services Gateways Central Point Architecture
The central point (CP) in the architecture has two basic flow functionalities: load balancing and traffic identification (global session matching). The central point forwards a packet to its Services Processing Unit (SPU) upon session matching, or distributes traffic to an SPU for security processing if the packet does not match any existing session.
An SPU dedicated to central point functionality is called a large central point. However, when such a dedicated SPU is not affordable, you can configure the SPU to perform normal flow processing as well as the functions of the central point. When an SPU functions in such a dual manner, it is said to be in combination or combo mode. In combo mode, the central point and SPU share the same load-balancing thread (LBT) and packet-ordering thread (POT) infrastructure.
This topic includes the following sections:
Load Distribution in Combo Mode
The central point maintains SPU mapping table (for load distribution) that lists live SPUs with the logic SPU IDs mapped to the physical Trivial Network Protocol (TNP) addresses mapping. In combo mode, the SPU that hosts the central point is included in the table. The load distribution algorithm is adjusted based on session capacity and processing power to avoid overloading of sessions.
Sharing Processing Power and Memory in Combo Mode
The CPU processing power in a combo-mode SPU is shared based on the platform and the number of SPUs in the system. Similarly, the CPU memory is also shared between the central point and SPU.
An SPU has multiple cores (CPUs) for networking processing. In "small" SPU combo mode, CPU functionality takes a small portion of the cores, whereas "medium" SPU combo-mode requires a larger portion of cores. The processing power for central point functionalities and flow processing is shared, based on the number of SPUs, as shown in Table 1.
Table 6: Combo Mode Processing
Number of SPUs | 1 | 2 | 3 | 4 or More than 4 |
|---|---|---|---|---|
SRX3400 | Small | Medium | Medium | Medium |
SRX3600 | Small | Medium | Medium | Medium |
Related Topics
- JUNOS Software Feature Support Reference for SRX Series and J Series Devices
- Understanding How to Obtain Session Information for SRX Series Services Gateways
- Understanding Session Characteristics for SRX Series Services Gateways