[c-nsp] Recommended 2800 ISR

Tony Varriale tvarriale at comcast.net
Fri Sep 5 12:16:00 EDT 2008 

I would agree.

I've actually found they are a little conversative in their numbers from 
their concentrators up to the routers.

tv
----- Original Message ----- 
From: "Matthew Marlowe" <matt at deploylinux.net>
To: "'Buhrmaster, Gary'" <gtb at slac.stanford.edu>; "'Dan Letkeman'" 
<danletkeman at gmail.com>; <giulianocm at uol.com.br>; 
<cisco-nsp at puck.nether.net>
Sent: Friday, September 05, 2008 9:52 AM
Subject: Re: [c-nsp] Recommended 2800 ISR


> Cisco actually is pretty honest about the performance of the routers with
> most/all security features enabled if you go to the QA section of the
> product pages and click on router model and look for the question "What is
> the performance of router XX?".     At which point, they'll state that a
> Cisco 3845 can process a single T3 and that the 28xx's performance is
> measured in multiples of T-1's (with 2851 being 6xT1 and 2801 being 1xT1).
>
> I've done some measuring of 2800/3800 series performance and the 
> statements
> seem to be born out.  If you have the acl's/inspection/ips enabled, a 3845
> really will give out around 50Mbps, even though the router is rated with a
> raw capacity of ~250Mbps.  If you just have reasonable acl's and stateful
> firewall/inspection features, performance seems to double and you might 
> get
> ~100Mbps on a 3845 imho, I'd think the ratio would be about the same on a
> 28xx(2851 -> 18Mbps?).  Your mileage may vary.
>
> The recommendation to look at ASA's is pretty good and would be cheaper.
> Otherwise, among the ISR's, a 3825 would be the safe bet.
>
> Regards,
> Matt
> --
> Matthew Marlowe                              matt at deploylinux.net
> DeployLinux Consulting, Inc                  Direct: 858-217-5730
> Senior Infrastructure Consultant             Office: 888-459-0515
> Cell: 805-857-9144 Fax: 858-876-1692     YIM:deploylinuxconsulting
>
> Designing, Securing, and Maintaining Mission Critical Linux Servers
>              for Successful Internet Applications
>
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Buhrmaster, Gary
> Sent: Thursday, September 04, 2008 8:41 PM
> To: Dan Letkeman; giulianocm at uol.com.br; cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Recommended 2800 ISR
>
>
>> I have read that document before, do those numbers (2811 - 61.44mpbs
>> CEF Fast switching) mean that it can process that bandwidth with
>> nothing else running on the router?
>
> With the wind behind the bits heading downhill.
> The first paragraph says:
>
>  Numbers are given with 64 byte packet size, IP only,
>  and are only an indication of raw switching performance.
>  These are testing numbers, usually with FE to FE or POS
>  to POS, no services enabled. As you add ACL's, encryption,
>  compression, etc - performance will decline significantly
>  from the given numbers  ....
>
> The moment you add (for example) NAT or Firewall features,
> expect significantly less performance.  As always, your
> Mbps will vary and your situation will be unique (and
> almost never to your benefit).
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list