[c-nsp] Policing on Catalyst 4948 - Hardware or Software?
Rick Ernst
rick at woofpaws.com
Mon Jun 15 13:24:28 EDT 2009
The Catalyst 4948 was brought to my attention as a potential collocation
aggregation device; with a specific requirement of bidirectional policing
per port.
I have spent quite a bit of time on Cisco and Google trying to find out
whether policing (independent of marking/classifying) is performed in
hardware or software. I get some hints that it is hardware, but nothing
the says so outright. With a 266MHz processor, it doesn't seem like there
is a lot of capacity for bandwidth management.
In an ideal/extreme case, I'd like to be able to have hosts/networks
attempt to push 1Gbs per port and have it throttled to 1Mbs each without
cratering the device. More realistically, 24 ports populated, each set to
10-500Mbs per customer (port).
I'm looking at a distributed device rather than modular for several
reasons including cable management (a nightmare at high port density) and
incremental expansion (makes the finance people less upset than dropping a
full chassis in with minimal utilization).
As part of the bigger picture; I'm looking at 7206VXR/G2 at the border for
GigE upstreams and BGP endpoints funneled to a pair of 7600/Sup720 for
redundant "glue", feeding multiple legacy aggregation devices and new,
bandwidth managed, ethernet customers. Current utilization is ~300Mbs
both in and out, but we now have customers looking for 100-300Mbs CIR.
As an aggregation device, I'm also looking for OSPF, BGP, HSRP, and
potentially Layer-3 ACLs.
There are several other vendors touting ASIC-based policing but Cisco
isn't as informative.
Thanks,
Rick
More information about the cisco-nsp
mailing list