[c-nsp] NBAR on 2800

Kristofer Sigurdsson kristo at kristo.is
Thu Jan 10 09:55:25 EST 2008 

I would caution you against using a 2800 (or any ISR) for this

> application.  The ISRs have very limited throughput.  A couple years ago
> 87Mbps might have seemed like a lot.  It doesn't seem like a lot now and
> will definitely leave you short in the near future.

http://www.cisco.com/warp/public/765/tools/quickreference/routerperformance.pdf
>
> Your existing router is already undersized for the 100Mbps link you have
> on it.  Through NBAR on it and you'll really be hitting a wall.


Duly noted.  However, the 87 Mbit/s is, according to the router performance
PDF, the number for the 2821.  The existing 2821 will be used for the 20
Mbit/s backup link, so I believe it will suffice there.  For the 100 Mbit/s
link, you are right, if we would max the link out, it would be undersized.
That's why I'm thinking about the 2851, which, according to the router
performance PDF, can do 112 Mbit/s.

Now, I realize those numbers are without any features, but they also use 64
byte packets.  Fortunately, our average packet size is bigger than that.  Do
you know what kind of performance hit it would take for NBAR?


I would recommend you push the bean counters towards a different router.
>   The 7201 would be a good sized router for what you want to do.  How
> much growth are you expecting?  Fight off the bean counters with the
> argument of the router being maxed out at capacity from day 1.  A 7201
> with Advanced IP (you want the NBAR features) is $28.5k.  A loaded 2821
> with 1GB of RAM and Advanced IP is $12,145.  The 7201 has 4x the GigE
> interfaces w/ builtin SFP slots to boot whereas the ISR only has 2 and
> no built SFP slots.  The 7201 has roughly 6x the capacity of the 2821
> for 2.5x the price plus all the other benefits.  That's the direction
> I'd push.


Well, for growth, I'm expecting a steady growth from the present average 30
Mbit/s (60 Mbit/s spikes) over the next few years, but I'm hoping the P2P
block will slow that growth significantly.  I have been looking at the 2851,
which is a bit beefier than the 2821.

I realize you have already advised against the ISRs, but do you think the
3800 series would be a tolerable alternative?  The 3825 is supposed to be
able to do 179 Mbit/s, which sounds like enough for a 100 Mbit/s link, even
with NBAR.  Maybe those are priced similarly as the 7201...

I will check on the 7201, but unfortunately, I believe they are probably too
expensive for the bean counters on this project.  I think I may even be
pushing it with the 2851.

Thanks to all that have replied so far,
Kristo

More information about the cisco-nsp mailing list