Performance impact of simple queues for SNMP monitoring only?

I love the ability to use SNMP to monitor bytes-in / bytes-out of simple queues via SNMP.

I’m considering using simple queues only for monitoring in a situation where I’m not actually using simple queues to manage bandwidth. I’m aware of netflow, but for my current needs this actually seems much simpler, so I’m trying to understand if it will work well and without impacting network performance.

For example, say I have 3 subnets sharing an upstream connection of 100 Mbps:

  • 192.168.1.0/24
  • 192.168.2.0/24
  • 192.168.3.0/24

Can I just create 3 simple queues

/queue simple add name=subnet1 target=192.168.1.0/24
/queue simple add name=subnet2 target=192.168.2.0/24
/queue simple add name=subnet3 target=192.168.3.0/24

Or alternately

/queue simple add max-limit=500M/500M name=subnet1 target=192.168.1.0/24
/queue simple add max-limit=500M/500M name=subnet2 target=192.168.2.0/24
/queue simple add max-limit=500M/500M name=subnet3 target=192.168.3.0/24

Two questions:

  • Is there a network or CPU performance impact of using several simple queues with all limits set at “unlimited” (or with limits set much larger than my actually available bandwidth)?
  • I’ve read in a few forum posts that unlimited simple queues of type default don’t actually do anything (for example here http://forum.mikrotik.com/t/bug-unlimited-simple-queue-bug-suspected-in-6-30-2/90435/1). Is this true? Instead of setting limits at unlimited, should I set them arbitrarily large?

While I haven’t tested this myself, I think it’d impact (badly) on many things:

Router’s CPU
1.- Processing per-packet into the queues should grow with the number of queues you add
2.- Could mean a router’s lockup in certain stressed scenarios depending on your overall network and hardware

Configuration hassle
1.- You’d have to add a queue per device, and keep it controlled (IPs changing, devices/customers being added/removed, etc.). I know you’re saying you’d do it per subnet, but what if you wanted to do it per IP?
2.- Your configuration file would be huge (thanks to point 1)
3.- You’d need to add the corresponding OID to your SNMP server, although this can be automated, but if you don’t…
4.- Queue’s OID may change on router’s reboot (not sure if this is the case, but you have to consider this)
5.- You’d need to do this per IP you want to monitor
6.- You’d add queues plus active polling to the server. How many requests will it process? Depends on the number of queues (say 1500 queues, means 1500 queries to the router)

Also, what if the paths of traffic need to follow a router where said queues aren’t configured, what would you do?

Admittedly it may work, depending on your hardware and amount of queues needed.

Netflow is the right tool for this, I wrote a post about FastNetMon which is basically a software for detecting DDoS but will help you achieve this, here’s the post: http://forum.mikrotik.com/t/fastnetmon-integration-with-mikrotik-ddos-detection-software/111647/1

We actually use this for providing real time reports on BW usage per each IP we give to the customers, we don’t need to manually add the IPs to the system every time we add new customers, if it’s from one of our monitored pools and traverses one of our collectors (we have many, even if path changes they’ll use at least one), then the system will have the information for the report available.

Anyway if it’s just 3 queues it’d work, but consider this as a viable future-proof solution to whatever you’re trying to solve.

Thanks for the feedback.

In this particular case, the number of queues I need is low…which is why I’m considering this option. For this scenario, I’m not actually interested in tracking per individual IP.

I want to monitor a network which serves 3-5 different types of customers…and customers of each type are neatly segregated into large subnets.

I would only be making one queue per customer type, which means no adding of queues over time, and no need to configure additional OIDs to the monitoring server beyond the original ones.

I’m aware of netflow, and have used it in the past…it’s a great tool. Just liking the simplicity of this approach and want to figure out if there are any performance gotchas I’m not thinking of before trying it out.

Well if it works for you that’s great. Just do pay attention to whether the OIDs change upon reboot, I highly doubt 2, 3-5 queues added just for this will make any significant impact, I mean, there are people here terminating hundreds (and even thousands) of queues on a single device doing actual limiting of traffic.

But nevertheless the best way to be sure would be to test it out.
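
On the concern raised in the thread that a queue's OID may change: the sketch below (an added example, not code from any poster) keys the byte counters by queue name taken from the same SNMP walk instead of by a hard-coded row index, and turns two polls into bits per second with counter-wrap handling. The column OIDs, the walk output and the function names are assumptions made for this example.

```python
# Assumed column OIDs of MikroTik's simple-queue SNMP table (name, bytes in,
# bytes out); confirm them with a walk of your own router before relying on them.
BASE = ".1.3.6.1.4.1.14988.1.1.2.1.1"
COL_NAME, COL_IN, COL_OUT = "2", "8", "9"

# Constructed sample data in `snmpwalk -On` output format, two polls 10 s apart.
# Row indexes differ between the polls to model the renumbering concern.
POLL_1 = """
.1.3.6.1.4.1.14988.1.1.2.1.1.2.1 = STRING: "subnet1"
.1.3.6.1.4.1.14988.1.1.2.1.1.2.2 = STRING: "subnet2"
.1.3.6.1.4.1.14988.1.1.2.1.1.8.1 = Counter32: 1000
.1.3.6.1.4.1.14988.1.1.2.1.1.8.2 = Counter32: 4294967000
.1.3.6.1.4.1.14988.1.1.2.1.1.9.1 = Counter32: 2000
.1.3.6.1.4.1.14988.1.1.2.1.1.9.2 = Counter32: 500
"""
POLL_2 = """
.1.3.6.1.4.1.14988.1.1.2.1.1.2.7 = STRING: "subnet2"
.1.3.6.1.4.1.14988.1.1.2.1.1.2.8 = STRING: "subnet1"
.1.3.6.1.4.1.14988.1.1.2.1.1.8.7 = Counter32: 704
.1.3.6.1.4.1.14988.1.1.2.1.1.8.8 = Counter32: 751000
.1.3.6.1.4.1.14988.1.1.2.1.1.9.7 = Counter32: 8000
.1.3.6.1.4.1.14988.1.1.2.1.1.9.8 = Counter32: 2000
"""

def parse_walk(text):
    """Return {queue_name: {"in": bytes, "out": bytes}}, keyed by name, not index."""
    names, cols = {}, {COL_IN: {}, COL_OUT: {}}
    for line in text.splitlines():
        oid, _, value = line.strip().partition(" = ")
        if not oid.startswith(BASE + "."):
            continue  # blank line or an OID outside the queue table
        col, _, idx = oid[len(BASE) + 1:].partition(".")
        val = value.partition(": ")[2]
        if col == COL_NAME:
            names[idx] = val.strip('"')
        elif col in cols:
            cols[col][idx] = int(val)
    return {n: {"in": cols[COL_IN][i], "out": cols[COL_OUT][i]}
            for i, n in names.items() if i in cols[COL_IN] and i in cols[COL_OUT]}

def rate_bps(prev, curr, seconds, bits=32):
    """Bits per second between two samples; the modulo absorbs one counter wrap."""
    return ((curr - prev) % 2 ** bits) * 8 / seconds

def rates(prev_walk, curr_walk, seconds):
    """Per-queue in/out rates for queues present in both polls."""
    prev, curr = parse_walk(prev_walk), parse_walk(curr_walk)
    return {n: {d: rate_bps(prev[n][d], curr[n][d], seconds) for d in ("in", "out")}
            for n in curr if n in prev}
```

A counter reset (for example after a reboot) looks the same as a wrap to `rate_bps`, so discard the first sample after the router's sysUpTime goes backwards.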