cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
665
Views
0
Helpful
2
Replies

NAVU API Performance Issues

bhh6
Level 1
Level 1

We have an NSO service written in Java that uses the NAVU API to read incoming service data for ASA firewall configuration for our SDN solution.  This service has use cases that read as many as 50000 ACL entries to be written to an ASA device in a single transaction. If we perform this service using the NAVU API to iteratively read each ACL rule from CDB, then the total processing time for the code that does the read operations is about 475 seconds or approximately 8 minutes. However, if instead we don't use the NAVU API, and as an alternative we read the configuration from maapi (using save_config) as an XML text blob, and then use a StAX XML parser to parse the data, then the total time is closer to 3.5 minutes (a difference of at least 4 minutes from the NAVU method).

 

Has anybody else experienced similar issues in similar SDN based use cases where reading large amounts of data from northbound results in similarly slow performance by NSO while parsing the NAVU tree?  Are there other alternative API options that have been tried successfully to get around this type of performance limitation?

 

We currently have an SR open with TAC on this, but I wanted to see if other community members have also faced this issue and explored similar types of remedies.

 

Thanks very much.

 

Regards,

 

Bill

2 Replies 2

Dan.Sullivan
Cisco Employee
Cisco Employee

Hi Bill,

Well using the NAVU API will require context switching while the XML approach doesn't. Have you tried using a template directly reading the service model?

Thanks,

-Dan

Hi Dan,

 

Our business logic is such that a template alone wouldn't be sufficient for what we need to do.  For instance, we are converting network prefix strings to IP & mask combinations and changing port and protocol numbers to mnemonics before writing to the devices.  We also have our own validation framework built into the service to validate certain constraints that we couldn't express in the yang model.

 

Could you help me understand the concept of "context switching" a little more as I saw it wasn't documented much as of the NSO 4.7 development manual.  From what I’ve learned up to now, I understand that it occurs anytime a maapi or navu method is invoked from Java or Python while a service callback is in scope, which results in the NSO core code handling the call and that there is an identifiable performance cost involved whenever that process takes place.  Is that correct?

 

Thanks,

 

Bill