[c-nsp] new Cisco routers 1800/2800/3800

Church, Chuck cchurch at netcogov.com
Thu Sep 30 07:59:11 EDT 2004


Sorry I didn't clarify, I had converted the 1.1 gb figure into 550 full
duplex, since it's hard to push 1.1 gig over a gig interface :)  Anyway,
I think we've found Cisco's rating of pps and throughput to be based on
64 byte packets and no interface config other than IP addresses.  I also
believe that as the packet size goes up, the pps goes down pretty quick.
Cisco lists the 3745 at 225,000 pps and 115,200 kbps.  I don't believe
anyone here has seen this router even get close to half that number of
pps.  This new 3845 did about 95,000 pps at full size and with CBAC and
NAT.  I'm willing to bet without CBAC and NAT, and with a real world mix
of packet sizes, it'll approach 200 kpps.  Very similar to a NPE-400
with real-world traffic.  I'm thinking that Cisco's motivation behind
performance boost is they're getting sick of having a call-flooded TAC
everytime a new MS worm comes out.  Either that, or IBM gave them a
great deal on the CRS-1 ASICs!  It certainly can't hurt.  You can never
be too rich, too thin, or have a too fast CPU in your router!


Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation Team
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 703-819-3495
cchurch at netcogov.com  <-note new address!
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D
-----Original Message-----
From: Koen Peetermans [mailto:K.Peetermans at chello.be] 
Sent: Thursday, September 30, 2004 3:56 AM
To: 'Ryan O'Connell'; Church, Chuck
Cc: cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] new Cisco routers 1800/2800/3800

Just checked the Miercom report for the 3845. Looks like for this router
it
was 1.1 Gbit / Seconds. The 550 Mbit figures must have been for the
2851.

First of all, I'm not sure if the Miercom test is any kind of real-world
performance test.

And since the Miercom test has been done with NAT, CBAC and logging,
comparing these test results with router Forwarding (switching) from
other
platform would be comparing apples and oranges.

So we'll have to wait for numbers comparing the real routing forwarding
speed between platforms to make a reasonable evaluation.

Kind regards,

Koen.

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Ryan O'Connell
Sent: donderdag 30 september 2004 9:20
To: Church, Chuck
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] new Cisco routers 1800/2800/3800

On 30/09/2004 03:51, Church, Chuck wrote:

>It must be a hell of a CPU then.  That Miercom report listed 550Mb full
duplex for the 3845, with NAT and I assume CBAC in use.   Granted it's
huge
packets, but still, that's almost 95,000 pps at almost full size.  I
don't
think the 3745 can touch that.  That's NPE-400 territory, isn't it?  I
imagine that NPE-G2 coming out soon ought to be a beast!
>  
>

I didn't look at the Miercom report, but an NPE-400 will do 400kpps - so

the 3840 is only 25% of the speed, which isn't much for a router with GE

interfaces.

I suspect Cisco want to keep the 3x00 line at the edge of the network - 
95kpps isn't enough to survive even a small a DoS attack and a 
reasonable number of BGP sessions would probably kill the CPU too which 
makes it inappropriate to use in even far-flung parts of a backbone or 
as a peering router. However, with GE interfaces and E3 it'll make a 
better box than a 7200 for terminating customer circuits and in many 
Enterprise applications where the 3600 currently gets used.

It wouldn't surprise me if we see a channellised STM-1 (OC-3) card in 
the future for terminating even larger aggregate bearers.

Cisco have alwys been very careful not to kill the lucrative 7200 market

they do so well in, which is why until now the 3600 has never had a 
(useful) E3/T3 card available. The 7[23]00 still has a large niche, but 
it's being pushed out at the bottom for aggregating customer circuits by

the 3800 and at the top for ISP work by the 7600/6500, so maybe it won't

be the workhorse of the internet that we're all used to for that much 
longer...

>-----Original Message-----
>From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Lukasz Bromirski
>Sent: Wednesday, September 29, 2004 6:00 PM
>To: cisco-nsp at puck.nether.net
>Subject: Re: [c-nsp] new Cisco routers 1800/2800/3800
>
>sthaug at nethelp.no wrote:
>
> >> 2800 has shipped, 3800 ships next week. PPS is considerably up
> >> [more than double] from the 17xx 26XXXM and 3700, ASIC based with
> >> fully integrated firewall with hardware IPSEC.
> > Are you saying these boxes actually have ASIC based forwarding? That
> > could definitely make them interesting.
>
>No, CPU is still doing routing etc. Only the buses changed from simple
>PCI ones to dedicated-ASIC based. The firewall (ACLs/statefull
firewall)
>is also software-based not hardware based. However, it's true there's
>internal simple VPN ASIC on-board, that usually can serve up to 500-700
>tunnels (but the AIM slot is ready for dedicated AIM module, which
>if installed, enhances throughput and maximum number of the VPN
>tunnels). Also, there's internal TDM functionality on-board, so You can
>start mixing DS0 channels from various interface cards without any
>special considerations and specific module cards.
>
>Most of this information is already available on the cisco.com/go/isr
>site, with presentations and technical specs.
>
>  
>


-- 
         Ryan O'Connell - CCIE #8174
<ryan at complicity.co.uk> - http://www.complicity.co.uk

I'm not losing my mind, no I'm not changing my lines,
I'm just learning new things with the passage of time

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/




More information about the cisco-nsp mailing list