cisco also has this neat division called marketing which is paid to inflate
specs and lie..
on their 12000 series routers they count packets coming in AND leaving the
router as throughput
even tho you can only push so much into it :)
----- Original Message -----
From: "Chuck Larrieu"
To:
Sent: Thursday, June 07, 2001 1:01 AM
Subject: RE: Layer3 switch vs Router [7:7406]
> So layer three switches are faster, 'eh? By orders of magnitude, 'eh? This
> calls for a bit of research on CCO.
>
> Hhhmmmmmmm................
>
> Catalyst 8500 = 24 million PPS
> http://www.cisco.com/univercd/cc/td/doc/pcat/ca8500c.htm#CJAEJHDF
>
> Catalyst 6509 = 170 million PPS
> http://www.cisco.com/univercd/cc/td/doc/pcat/ca6000.htm
>
> Cisco 12000 = 375 million PPS
> http://www.cisco.com/univercd/cc/td/doc/pcat/12000.htm
>
> Cisco 7600 - 30 million PPS
> http://www.cisco.com/univercd/cc/td/doc/pcat/7600.htm
>
>
> so it would appear, based on Cisco's own product literature, that high end
> router versus high end switch, the edge most definitely goes to the
product
> Cisco calls a router. and numbers are all over the place, to judge from
the
> example I have looked at.
>
> Look, my point remains that any trickery, hardware or otherwise, can be
> applied to "routers" as well as "switches".
>
> It most definitely is NOT enough to say that there is a difference and it
is
> because of the hardware construction of a "switch" versus that of a
"router"
>
> Chuck
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Michael L. Williams
> Sent: Wednesday, June 06, 2001 8:52 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Layer3 switch vs Router [7:7406]
>
> "Sergei Gearasimtchouk" wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I am sorry, should have said some thing meaningful. :(
> > hypothetically speaking, if the ACLs are in place, wire speed is gone.
> > The concept route one switch many is no longer holds its value.
>
> That's what I thought you meant. I'm glad you clarified your position.
>
> But it's incorrect. Multilayer switching (& therefore wire speed
"routing")
> are out the door only when you have an ACL applied to the MLS-RP interface
> as an incoming ACL. That's it. This is where flow masks come into play.
> There are 4 situations that need to be considered when using ACLs and
> Multilayer switching:
>
> 1) Where there is an incoming ACL on the MLS-RP interface, Multilayer
> switching is out the window because every incoming packet must be examined
> by the router.
>
> 2) If there is no access list, you can use a Destination IP flow mask, the
> simplest of the flow masks, where only the destination IP address is
looked
> for in the MLS cache.
>
> 3) When there is a outgoing standard IP ACL applied to the MLS-RP
interface,
> a Source-Destination IP flow mask needs to be used. This forces the
MLS-SE
> to look for an entry with both the source and destination IP addresses in
> the MLS cache. Here's the reason why:
>
> If a packet has been sent from the MLS-SE to the MLS-RP, the packet gets
> routed, then the outgoing ACL is applied. If the packet makes it back to
> the MLS-SE, then the MLS-SE knows that the packet was allowed (not denied
by
> the ACL) and it makes a MLS cache entry. Since a standard IP ACL uses
> source IP to permit/deny, the MLS-SE needs to look for the source IP as
well
> as the destination IP in the MLS cache. Any subsequent packets from/to
the
> same source/destination need not be compared to the ACL again as the
> criteria for the ACL on the original packet was satisfied.
>
> 4) When there is an outgoing extended IP ACL applied to the MLS-RP
> interface, an IP Flow mask needs to be used. An IP Flow masks instructs
the
> MLS-SE to look for an entry that contains the source IP and port AND
> destination IP and port (basically Layers 3 AND 4). The MLS-SE must look
> for all of that information in the MLS cache because extended IP ACLs
> permit/deny using all of those criteria. Again, the same reasoning
applies
> as far as the ACL goes, which is: if the first packet sent to the MLS-RP
> comes back to the MLS-SE, then the MLS-SE knows that the packet was
allowed
> (not denied) by the ACL, and therefore it doesn't need to check the ACL
for
> subsequent packet and Multilayer switching continues as normal.
>
> Most of the time an incoming ACL can be re-written as an outgoing ACL on
> other interfaces. Although it is usually recommended to use incoming ACLs
> over outgoing ACLs (so that traffic unwanted traffic doesn't get into the
> router's fabric just to be denied going out of another interface), in the
> case of Multilayer switching, the disadvantages caused by using outgoing
> ACLs are completely outweighed by the advantage of being able to use
> Multilayer switching.
>
> So, even with an ACL active, as long as it's an outgoing ACL on the MLS-RP
> interface, "wire speed routing" is still in tact.
>
> > Anyhow, let routers do what they do best, and allow switches do their
> > layer 2 stuff...
>
> Multilayer switching is an ingenious idea that allows a switch to take an
> incredible load off of the routers while not only providing the same
> performance, but providing better, faster performance. As another post
> mentioned, sure a router can do 100,000 packets/sec, but multilayer
switches
> can handle an order of magnitude more traffic (in the millions of
> packets/sec)
>
> Mike W.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=7488&t=7406
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
