RFC layer 3 ethernet device for high bw application

Need something that can handle up to 600Mbps with NAT and GRE and perhaps ultimately BGP. Just need two GigE ints. Someone else recommended a 3845 but according to Cisco doc that supports 250Mbps. I was curious if a 4948 would be best - that's about 1-2k more. 4948 doc claims, "72 Mpps forwarding rate in hardware for Layer 2-4 traffic." How real world are Cisco's specs?

thanks

Reply to
linguafr

Well, I think the figures probably used to be pretty accurate for best case scenarios. They probably still are in the vacuum of a lab situation. However, the ones they publish today seem to assume that packets are forwarded through CEF. However, I believe that NAT and GRE packets need to be punted and you won't get the use of CEF. Given that the routers don't have the hardware processing that switches have, I don't know how much difference that actually makes. Maybe someone else that knows this better can sound off. But you can figure that the more you ask your router to do (NAT, GRE and BGP), the more it will take away from the throughput.

To me, unless you have needs that specifically require a router, a layer 3 switch often makes a better solution. Unfortunately, I think you'll probably need to stick with a router for your needs.

Personally, if this was me, I'd go to a Cisco rep or VAR and put the requirements on them so that you have someone to complain to when the box doesn't live up to what you need.

Hope that helps,

Jim

Reply to
Scooby

They are "real" in the sense that you can put a box in the lab and test "just" IP forwarding under clean conditions and get roughly that number.

Real usage tends to add lots of overhead, for routing protocols, control, management and so on - whether that hits the performance depends on how much there is and whether forwarding uses the same resources.

So - a software router like a 3825 is using the same CPU to forward packets as will run your BGP - so if you end up using 50% of the CPU perf on BGP table handling, then don't be surprised if forwarding only gets to 50% of the notional rated thruput.

Official numbers where you probably got your info:

formatting link
NB - do you need to double your numbers for full duplex performance as well?

If so, and with 50% margin you need around 2.4 Gbps.......

looks like a 7200 with an NPE-G2 is going to get closer, but you really need something with go faster stripes........

One alternative is to split the functions on different boxes and / or quantify if all the traffic is GRE or just some?

Cat 6k with a Sup 720 has hardware NAT processing - AFAIR 20 Mpps.....

This also gives you much better management than you would get with a typical switch - built in Netflow in hardware for example.

Sup32 may be the same since it is roughly the same internally - and some variants come with several GigE ports.

There is the Catalyst 6524 stackable which is basically a Sup 32 + 10/100/1000 I/O card

Not sure about the GRE, but worth a look.

Note - on these platforms you need a fairly expensive licence to get some features, and AFAIR that includes BGP.....

Reply to
stephen

To me, a 7200 looks to be a good fit for what you've described.

JC

Reply to
J.Cottingim


linguafr wrote:

Have you considered 7600/6500 with Sup720 3BXL? - GRE in hardware, some hardware support for NAT (but I have never used it) and BGP, and all switching stuff in hardware

I have a 4948 and don't trust Cisco specs.

I'm not sure but I think that the 4948 has GRE but only in software. And BGP has a very small routing table. And NAT? I have never used it.

D.

Reply to
siedar_bez_spamu

Thanks for all the good info.

GRE is just being used for incoming, about 30Mbps, both directions will be NATted. We're routing this traffic asymmetrically. The part about not being able to use CEF if we're doing GRE and NAT is significant. You can't mix and match CEF with non-CEF processing on a given packet? Isn't route selection done first? Is there a device in which GRE can be done in hw, like encryption on a vpn ac?

Reply to
linguafr

Ok, now understand the part about the packets getting punted if any of the required features aren't supported by CEF. This doc claims CEF support for GRE

formatting link
But can't find any mention of CEF support for NAT.

Reply to
linguafr


Hardware NAT support is part of Sup 720 family on a Cat 6500.

For CEF support there are 2 separate Qs.

  1. does the CEF software support the features you want.

if so, any IOS platform at the min level of s/w needed will do it (the Rel notes you gave in a URL are for IOS 12.4 - FWIW the Cat 6509 / Sup 720 we use is limited to 12.2.18SXF right now).

  2. does a hardware based platform support hardware acceleration of that feature in that release of code.

if it doesn't then you probably only get s/w based CEF on that box.

so - you might get a mix of different packet thruputs for each logical "path" thru the box.

looks like the Sup32 does both with hardware acceleration:

formatting link

Reply to
stephen

As mentioned, this is a complex combination of features and I would want to get the reseller to underwrite the design.

Probably worth a lab test.

I actually think that the Cisco numbers are conservative since they always quote the throughput in bps as the packet rate x 64-byte packets. Real world networks usually have an average packet size much larger than that.

BGP is not processor intensive. You can run (and many people have I think) BGP on a 2500. If you had full tables you would want to take a look at the implications of a high packet rate and BGP but I don't think it will be a problem.

You will need either a software router 3845, 7200 or a 6500/7600. The latter are hardware routers. I think that the 6500 does GRE and NAT with hardware assistance so will have very high throughput.

In all cases certain features can cause packets to be switched in slower paths. There are two or three paths:-

Hardware (6500)

Fast switched (e.g. CEF) all platforms

Process switched all platforms (inc 6500)

Each slower path is AT LEAST an order of magnitude slower than the immediately faster one.

formatting link
may get you started.

BTW the 4948 should not be on your list. It has h/w L3 but no h/w NAT or GRE.

Reply to
Bod43
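
The sizing arithmetic from the replies above (stephen's full-duplex doubling and 50% margin, the shared-CPU and mixed-path points, and Bod43's 64-byte quoting convention and order-of-magnitude gap between switching paths), worked through as an added example that is not part of any poster's message. The per-path packet rates are constructed placeholders, not Cisco figures, and the blend assumes a software router where one CPU serves every path.

```python
# Added example. CEF_PPS and PROCESS_PPS are constructed placeholders,
# chosen only so that the slower path is 10x slower, as described in the thread.
CEF_PPS = 500_000
PROCESS_PPS = 50_000


def pps_to_bps(pps, packet_bytes=64):
    """Convert a packet rate to a bit rate at a given packet size.
    The default of 64 bytes is the quoting convention mentioned in the thread."""
    return pps * packet_bytes * 8


def blended_pps(path_share, path_pps):
    """Packet rate of ONE shared forwarding CPU when traffic is split across
    switching paths. Per-packet time adds up, so the result is a weighted
    harmonic mean, which the slow path dominates."""
    if abs(sum(path_share.values()) - 1.0) > 1e-9:
        raise ValueError("path shares must sum to 1")
    return 1.0 / sum(s / path_pps[p] for p, s in path_share.items() if s > 0)


def usable_bps(path_share, path_pps, avg_packet_bytes, cpu_for_forwarding=1.0):
    """Bit rate left after the control plane (e.g. BGP) takes its CPU share."""
    pps = blended_pps(path_share, path_pps) * cpu_for_forwarding
    return pps_to_bps(pps, avg_packet_bytes)


def required_bps(offered_bps, full_duplex=True, target_utilisation=0.5):
    """Sizing rule from the thread: double for full duplex, then size the box
    so the load is only target_utilisation of its capacity."""
    return offered_bps * (2 if full_duplex else 1) / target_utilisation


if __name__ == "__main__":
    rates = {"cef": CEF_PPS, "process": PROCESS_PPS}
    need = required_bps(600e6)  # the 600 Mbps requirement from the question
    print(f"required capacity: {need / 1e9:.1f} Gbps")
    for punted in (0.0, 0.05, 0.5):
        share = {"cef": 1 - punted, "process": punted}
        for size in (64, 500):
            got = usable_bps(share, rates, size, cpu_for_forwarding=0.5)
            print(f"punted={punted:4.0%} pkt={size:3d}B -> {got / 1e6:7.1f} Mbps")
```

With these placeholder rates, punting 5% of packets to the slower path costs about 31% of the packet rate.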

The 6524 looks interesting if I don't have to buy the Adv IP Image. Is there any technical reason I'd have to purchase it?

Reply to
linguafr

AFAIR you need an expensive image to get BGP / OSPF and a few other goodies.

Reply to
stephen

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.