[c-nsp] FWSM CPU ?
matthew zeier
mrz at velvet.org
Tue Dec 5 13:46:53 EST 2006
During the Firefox 1.5.0.7 release, we had a mirror drop offline and
pushed nearly 1Gbps out the FWSM with no more than 5% CPU load. That
was a lot of http & ftp traffic.
Voll, Scott wrote:
> We have more interfaces, less data rate, = ACL and we see a lot less CPU
> (1-2%).
>
> Scott
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Lajber Zoltan
> Sent: Tuesday, December 05, 2006 10:10 AM
> To: Dean Smith
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] FWSM CPU ?
>
> On Tue, 5 Dec 2006, Dean Smith wrote:
>
>> Does anyone have any real world throughput/NAT vs CPU stats for FWSM ?
>>
>> Of course it will be down to rulebase/NAT complexity etc, but trying
> to
>> gauge what we might see in real life.
>
> We have one fwsm with some load: 6 internal interface, each PAT-et to
> different address (one of them PAT-et to two addresses).
>
> The daily load:
> connectionos: average 65k, max 120k,
> data rate: average 82Mbps, max 151Mbps,
> cpu load: avg 5.6%, max 12%.
>
> No fancy things, near default inspections, very few acl lines (~100 per
> interfaces).
>
> Bye,
> -=Lajbi=----------------------------------------------------------------
> LAJBER Zoltan Szent Istvan Egyetem, Informatika Hivatal
> reboot, reinstall, google
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list