I would agree.

I've actually found they are a little conversative in their numbers from their concentrators up to the routers.

tv
----- Original Message ----- From: "Matthew Marlowe" <[EMAIL PROTECTED]> To: "'Buhrmaster, Gary'" <[EMAIL PROTECTED]>; "'Dan Letkeman'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <cisco-nsp@puck.nether.net>
Sent: Friday, September 05, 2008 9:52 AM
Subject: Re: [c-nsp] Recommended 2800 ISR


Cisco actually is pretty honest about the performance of the routers with
most/all security features enabled if you go to the QA section of the
product pages and click on router model and look for the question "What is
the performance of router XX?".     At which point, they'll state that a
Cisco 3845 can process a single T3 and that the 28xx's performance is
measured in multiples of T-1's (with 2851 being 6xT1 and 2801 being 1xT1).

I've done some measuring of 2800/3800 series performance and the statements
seem to be born out.  If you have the acl's/inspection/ips enabled, a 3845
really will give out around 50Mbps, even though the router is rated with a
raw capacity of ~250Mbps.  If you just have reasonable acl's and stateful
firewall/inspection features, performance seems to double and you might get
~100Mbps on a 3845 imho, I'd think the ratio would be about the same on a
28xx(2851 -> 18Mbps?).  Your mileage may vary.

The recommendation to look at ASA's is pretty good and would be cheaper.
Otherwise, among the ISR's, a 3825 would be the safe bet.

Regards,
Matt
--
Matthew Marlowe                              [EMAIL PROTECTED]
DeployLinux Consulting, Inc                  Direct: 858-217-5730
Senior Infrastructure Consultant             Office: 888-459-0515
Cell: 805-857-9144 Fax: 858-876-1692     YIM:deploylinuxconsulting

Designing, Securing, and Maintaining Mission Critical Linux Servers
             for Successful Internet Applications


-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Buhrmaster, Gary
Sent: Thursday, September 04, 2008 8:41 PM
To: Dan Letkeman; [EMAIL PROTECTED]; cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Recommended 2800 ISR


I have read that document before, do those numbers (2811 - 61.44mpbs
CEF Fast switching) mean that it can process that bandwidth with
nothing else running on the router?

With the wind behind the bits heading downhill.
The first paragraph says:

 Numbers are given with 64 byte packet size, IP only,
 and are only an indication of raw switching performance.
 These are testing numbers, usually with FE to FE or POS
 to POS, no services enabled. As you add ACL's, encryption,
 compression, etc - performance will decline significantly
 from the given numbers  ....

The moment you add (for example) NAT or Firewall features,
expect significantly less performance.  As always, your
Mbps will vary and your situation will be unique (and
almost never to your benefit).
_______________________________________________
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


_______________________________________________
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Reply via email to